URLhaus Database

You are currently viewing the URLhaus database entry for http://esser-promotion.de/kuenstler/9JzQquBzAa2erx204JB5aPXVpa0qO/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 2119512
URL: http://esser-promotion.de/kuenstler/9JzQquBzAa2erx204JB5aPXVpa0qO/?i=1
URL Status: Offline
Host: esser-promotion.de
Date added: 2022-03-29 15:50:06 UTC
Last online: 2022-04-04 12:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-03-29 15:51:07 UTC to abuse{at}hosteurope[dot]de)
Takedown time: 5 days, 20 hours, 16 minutes, rated Bad (down since 2022-04-04 12:07:38 UTC)
Tags: doc, emotet, epoch4, heodo, SilentBuilder

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
