URLhaus Database

You are currently viewing the URLhaus database entry for https://gabrielcarranza.com/fotoyvideo/HgxXmsVy2Zv0rasSML01KDx5ub/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 2119433
URL: https://gabrielcarranza.com/fotoyvideo/HgxXmsVy2Zv0rasSML01KDx5ub/?i=1
URL Status: Offline
Host: gabrielcarranza.com
Date added: 2022-03-29 15:01:05 UTC
Last online: 2022-03-30 08:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-03-29 15:02:06 UTC to abuse{at}ovh[dot]net)
Takedown time: 17 hours, 10 minutes (Good; down since 2022-03-30 08:12:34 UTC)
Tags: doc, emotet, heodo, SilentBuilder

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
