URLhaus Database

You are currently viewing the URLhaus database entry for https://ets-touristic.com/css/bOAmob5g47ReTMv/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2119474
URL:	https://ets-touristic.com/css/bOAmob5g47ReTMv/?i=1
URL Status:	Offline
Host:	ets-touristic.com
Date added:	2022-03-29 15:29:05 UTC
Last online:	2022-06-06 23:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-03-29 15:30:07 UTC to abuse{at}hostgator[dot]com)
Takedown time:	2 months, 9 days, 8 hours, 19 minutes (down since 2022-06-06 23:49:44 UTC)
Tags:	doc emotet epoch4 heodo SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-03-31	WE-54155850.xlsm	xlsm	894658b992050ab6d7ee061f083a48264ce56c1b4fbc5ac87c142765405a47f7	36.51%	Heodo
2022-03-31	WK-5944866628.xlsm	xlsm	97f11e4cd509aefb731d8b1a4b299c8ab4096e270f05f52d8e0eb6d2366fa501	38.71%	Heodo
2022-03-31	QZ-157699366.xlsm	xlsm	bc2b30e9969aa7dc11544b73955d47d12ec3d2febe998b5cef4b57c89dde7215	n/a	Heodo
2022-03-31	ESH-540074236199.xlsm	xlsm	08e64e582d9d42f5f3a21eaff52bcb72b4a3abfc761561ff28f40bf937dedb2c	38.10%	Heodo
2022-03-31	XJ-829639391065.xlsm	xlsm	df344251ca9c5fdc148f67495779187ecfaeb8d12fb21d8fd0d3912176d9728f	n/a	Heodo
2022-03-31	FO-113574080753.xlsm	xlsm	eb39b29661d81cbcd7a00f191c61ce9902b80b68e1e03215e56221bfc85863ef	39.68%	Heodo
2022-03-31	XOA-9688973633997.xlsm	xlsm	98a592dec22b8ac672dee0217d195c4a9880a55a26110f225c13f3fe6916495c	n/a	Heodo
2022-03-31	WAL-49526099957.xlsm	xlsm	52939ecf287fe6bf3435960c423bf17f7ea8452f102024e9aca86cf806fdd533	n/a	Heodo
2022-03-31	MKW-385089238837.xlsm	xlsm	70c7353a1e172d428b42bed59b7ddb9a6d1b60c368ec7ae5eb64c0eeed368080	43.55%	Heodo
2022-03-31	RGM-2162703882.xlsm	xlsm	08e924859a3a3f17c099cca75fbb3cfd7f8cd726fa2e89fb47ff02f9687143ba	34.43%	Heodo
2022-03-30	LYB-49417073.xlsm	xlsm	2b1f1f87033e83e264f05939f180b63165e067861f9c6f1253aedc9c9e1efb6e	n/a	Heodo
2022-03-30	UE-023681537930.xlsm	xlsm	51be5ff843565b3e8fe56f303452e018d305cc846181d2d79d435509b2dc578c	35.00%	Heodo
2022-03-30	RY-84779677639.xlsm	xlsm	168a9aa1b5fa37a354fd6ccba71dcd29cbcd503a578504c69feb38bd84a8a691	n/a	Heodo
2022-03-30	CA-217988503910.xls	xls	403c28ce1df56f185d0824575299bea20d7d1738e6a9688c551d039b6d1aaea2	28.33%	Heodo
2022-03-30	9148934568612321.xls	xls	3493b3210a3ce325a05cc7da5ffc69d323e0a0a645d8bdfaf1016a2de52ee1b5	26.67%	SilentBuilder
2022-03-30	2261244268004528522.xls	xls	7c9ef24f3522ff243e77f5d6e0cb50f6766916fcc1ad2fe845f9d509e39a6b3f	n/a	Heodo
2022-03-30	68509181720542346.xls	xls	c1b66d5e6ba70e29304adc1b00c11de4f638c7ba0ef607d43e7388e2c65b121f	n/a	SilentBuilder
2022-03-30	458020544225408158.xls	xls	47d56d48a9d1124c93c30fceca3e85139262e561196d7e483048f00952a1dfae	n/a	SilentBuilder
2022-03-30	54964782148.xls	xls	621c03dab4474a4833ab039b2b94901ff518a347407d57e786ce571a6b652393	26.67%	SilentBuilder
2022-03-30	239709245150.xls	xls	48f8db12e68c170ee127dbfc92d5052aecb6e381f85910d86ba35b032a7737df	25.00%	Heodo
2022-03-30	3986600666685712.xls	xls	b2565c24c9c72461d71c25df5d6ea291c53cd27725217f8c6585653cbdf72648	25.00%	Heodo
2022-03-30	016281546567805907.xls	xls	82dd13809bbcd68f4c4cb0b98c2c979c8275fd86dfaaeb01eb3c1e17d6a3d990	21.67%	Heodo
2022-03-30	34762428260100.xls	xls	69d8211fe32a1c511c6fd358005bceb8e19e01d9cc927c01b9f0760c13b75d6c	n/a	Heodo
2022-03-30	682981786397.xls	xls	9aae3a9d0d57dec1eb2e6151e4930c4624c95638ea038cfcd64436bf32abb39f	n/a	Heodo
2022-03-30	1334319548097759798.xls	xls	1f4abd57d6305167ea781e255bf801474d77d7415dc16bfa03bcd9c6afb8e977	n/a	SilentBuilder
2022-03-30	13296967844390958.xls	xls	4951fce4529257a5344af35c9e06cc7d1c1cb2a852b283efea1e94d77315f02f	n/a	SilentBuilder
2022-03-30	45199588908817077.xls	xls	1bf4ad696c1edaacc7221aee958ac591aed18407dd6c4c99aca6da4fdb8ed3ed	n/a	SilentBuilder
2022-03-30	308024981296731486.xls	xls	1368718563ca6d717e28a11f2ed560ef1e7ebd71253649ab0bd46a45a96e835d	n/a	SilentBuilder
2022-03-30	79159723599334978.xls	xls	2ed370e7b10a0832ccc6c51912b84345f0b6b1a0d19f212a86886497ec9bee8f	n/a	SilentBuilder
2022-03-30	40018595796.xls	xls	3b5fe9b70f66483e2ee405c90f3d6bf6097097057cd5030eb62265a6ae113af3	n/a	SilentBuilder
2022-03-30	144842292988944374.xls	xls	51d586a78bc766463008630833b7fa1109b0c4dc24dd003e42ae6fdf52344eee	n/a	SilentBuilder
2022-03-30	164892786639.xls	xls	dd04cbc0f8217962d36e8031e29302c6ae443cb6494ef00afa0eb93aeb920a99	n/a	SilentBuilder
2022-03-30	88514822572409.xls	xls	e2ee016889aedab89bbc5f12cac6caa90469cc9399fb4d492feda727602e4ed4	n/a	SilentBuilder
2022-03-30	46449618546455.xls	xls	153ed0822091516925dc6d0878a91cce7c48cf3015c7b66490832a19bd11eb4b	n/a	SilentBuilder
2022-03-30	60040750597960386.xls	xls	b1c3d43a1b9fd0f97ca13511fa5bea8e9c537383fd9ca4962779312fc30460ef	n/a	SilentBuilder
2022-03-30	851379279215897318.xls	xls	e7e82a21a6688a513fbbb984f6eb3acadcfc4ee4d8f4572c4a2917b1fc45e90b	n/a	SilentBuilder
2022-03-30	80912466285684.xls	xls	48de62f0ea202f9f6a63f26983545a5c456251ffe79dc9d394d8a599c8069208	n/a	SilentBuilder
2022-03-30	1252441982072.xls	xls	795d1cb7302f7f2d226a7a50f9a1dfaca81c320aabc71f47113736bc0712a6a7	n/a	SilentBuilder
2022-03-30	94344228034114.xls	xls	50c3d5a37ccc9d63435cb5ed56e8a758234f55c42f3d8a90c12fdde81ae649bf	22.03%	SilentBuilder
2022-03-30	103545731150.xls	xls	ea13a94f3e4a70c733aeb667730f849010c2d3476572c0bc6435ff4a0bc1b418	23.33%	Heodo
2022-03-29	93501134027999.xls	xls	1b7b4de07674b0a896830c649a51473d0c17f4ea18ec4c30001b9886c6af41dd	n/a	SilentBuilder
2022-03-29	627155617420930.xls	xls	623f24ebe43fae701e016c72cb568928b5c7005de85b3e95e7b6cdb2d12b1e0a	n/a	SilentBuilder
2022-03-29	1790036355972.xls	xls	d2c2f994b521bda48acab4fdb007d4fd5b14e1d30efd50a47348c9021992ff50	n/a	Heodo
2022-03-29	11196391246993564523.xls	xls	6741b0effa1844c85e25015d8c01ab0330e793dc563cfe2977746f5eb7a37fd3	n/a	SilentBuilder
2022-03-29	80792721417597452.xls	xls	6e5d4d61f6b1d0d27afe34e697395676dd75e6089767b1126d340b7c343a8642	21.67%	SilentBuilder
2022-03-29	3885610664805.xls	xls	37b9f7f289229073f7615e9694ead523ff3f6cdf77a0cf2d0694d910a10ce6b7	21.67%	Heodo
2022-03-29	5861958652426.xls	xls	f093307e4342bea11584d514fb2b1821c91d4b21326993600723b4f463568a44	n/a	SilentBuilder
2022-03-29	9458504249240691.xls	xls	5bf968294acfaf7a22762b459f2d1e559de2c77dc3411007d146e8b0b0807399	25.00%	SilentBuilder
2022-03-29	52349274690115161893.xls	xls	82949dfed8639199d9a4ee44fdd0f4e946c8636cbc904cdd5dc80f5ad1035bee	n/a	SilentBuilder
2022-03-29	9975219193343553805.xls	xls	27189fea209b3bebd9b9d190466aa9b9b629e8f543d2d9fca45fa5a6ab72cea9	n/a	SilentBuilder
2022-03-29	948286631498689948.xls	xls	e4243888b0f9e1a780da309c77e9c9ff11dd77f8f6ec6f5e597996c3bc862a58	n/a	Heodo
2022-03-29	6504591657021833247.xls	xls	bfd6c33d84125a91753810e48fe9798b826d4d5328b190d6939d2c6f4ebe8ae1	n/a	SilentBuilder