URLhaus Database

You are currently viewing the URLhaus database entry for http://blumer.com.br/lasc/0Gu6EIpjaQF9k/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2119445
URL: http://blumer.com.br/lasc/0Gu6EIpjaQF9k/?i=1
URL Status: Offline
Host: blumer.com.br
Date added: 2022-03-29 15:07:08 UTC
Last online: 2022-06-13 13:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-03-29 15:08:07 UTC to hostmaster{at}registro[dot]br)
Takedown time: 2 months, 15 days, 22 hours, 17 minutes Bad (down since 2022-06-13 13:26:03 UTC)
Tags: doc emotet epoch4 heodo SilentBuilder

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
