URLhaus Database

You are currently viewing the URLhaus database entry for http://ethdesign.nl/cgi-bin/fdKJUUr0V26Z8PPzwpPoT5u/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2119493
URL: http://ethdesign.nl/cgi-bin/fdKJUUr0V26Z8PPzwpPoT5u/?i=1
URL Status:Offline
Host: ethdesign.nl
Date added:2022-03-29 15:40:05 UTC
Last online:2023-01-21 12:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-03-29 15:41:05 UTC to abuse{at}totaaldomein[dot]nl)
Takedown time:9 months, 27 days, 20 hours, 19 minutes Bad (down since 2023-01-21 12:01:01 UTC)
Tags:doc emotet link epoch4 heodo link SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-03-30579325214117.xlsxls 5c5982e66d129ffc81e2afdc277b205739de990caaa2fa12443b155bb16d7ef1n/a SilentBuilder
2022-03-30254244749948620579.xlsxls 5e42f72b6f48384d2369d13cce199bc20da44c757705ba69765152d0d1d02f96n/a SilentBuilder
2022-03-30746150105362832.xlsxls c56d2d89a7b4e8e3be75d64d8e926afa91d8fc7c9cdbf50933d3b079c58423d5n/a SilentBuilder
2022-03-30009447128173054953.xlsxls bf4c74c969381aacc9d55ff9a4062b33639ff53eed6c07534bf83cf990a83353n/a SilentBuilder
2022-03-30057942368628013.xlsxls 7bc0a080f39d5c19c14ef549d30373cf03116dd942536ee0c02249e4f94fafben/a SilentBuilder
2022-03-30741246538692810433.xlsxls bfe23f7a26dafe38fd6799a726ed7aa7856fb88f5892841e58b06a93caf118e8n/a SilentBuilder
2022-03-301688317968832473154.xlsxls 1b3dcc87c329e9a704c55890eced55298a7fe31f93de0dcbf15924aa87d4b3afn/a SilentBuilder
2022-03-308904661093.xlsxls 4c775dc66dd1e7eefeb86433444c9bbc877514e792cb453c194199333d0aba86Virustotal results 23.33% SilentBuilder
2022-03-300599694949232338636.xlsxls b2384667cf5b1834ef6f3173c72953dd0544b2c49e5ec5b0075629a89e572132n/a SilentBuilder
2022-03-301298917410273778.xlsxls 9e567a344081987a4426f78ec523045fd89cefc8790ccd11bc7c7e84a0816144n/a SilentBuilder
2022-03-307558973022744.xlsxls 9b7452e408963921f685e25246f5c63af11c407ac04a6fa47ffe38b3325b52bdVirustotal results 22.03% Heodo
2022-03-3092215317448.xlsxls 3f55a18289a4defdb2b50e5314a7972d39bd0d4e7e2da0826a91f163eebe2a9cn/a SilentBuilder
2022-03-29254502809461850.xlsxls fe7634683727f4e2c4ddaf2eea56dd2291955ef5396c96bb353ccbc080e996d7n/a SilentBuilder
2022-03-2962848914069925022.xlsxls ef3bcb266ee4c7a41d149583984bbf42d469da86d9537dfdf3565d0388d80f38n/a SilentBuilder
2022-03-2966401360844280869614.xlsxls 44fbb7ebee68799512eae11164cfce84ba5836fa6a3674df33e9e527a6edfb01Virustotal results 21.67% Heodo
2022-03-2910445074690792659465.xlsxls ed2f8d7e4690bad774218068fb147924da6ac0dc68f5329699e01075b866a262n/a SilentBuilder
2022-03-296567992736.xlsxls bbc1337630f46853905e7fa804eb8bf2b3644f3a16a1911ea1fbd7fe1811c1ecVirustotal results 22.03%SilentBuilder
2022-03-296482538588.xlsxls 30c386f8b27cab9ed4525f9123ace697473b0a9c1a5d17ce0267258535926383Virustotal results 23.73% SilentBuilder
2022-03-2980666884674.xlsxls 07610eca3a554bbc3279af58afb13d4da4234771cc60b020fac93605a9a8a429Virustotal results 23.33% SilentBuilder
2022-03-29351895594106100.xlsxls b8815fc4a5adf0e8d11f79313180c3c444b056d9cceda1e151bd29a2dbd4b312n/a SilentBuilder
2022-03-29379246170331374941.xlsxls 299eef9367c7d46794f985f1653108dff2ea664d29f31b8ba1a08c934e1d42b6Virustotal results 23.33% SilentBuilder
2022-03-2964727449523.xlsxls de0451fa84d12094775843b0424bfcc18832943128c01ba088acae9c80a402e3n/a SilentBuilder
2022-03-29981722172964774.xlsxls 4268dc47de4d11bc5cc3876e399602c2904c5903a08e1150763c0534a38a1ffaVirustotal results 23.33% SilentBuilder
2022-03-297608422433304030.xlsxls 2f3f7c6de82942afe012bc20ff8122859b1dcae1fc267f1fdd03fb2ea7605f9an/a Heodo
2022-03-2970519966882312.xlsxls 0fdc9504c43e5829e5b84c12826b43e362787fc2446c527ebd3b373dce12c86aVirustotal results 26.67% SilentBuilder