URLhaus Database

You are currently viewing the URLhaus database entry for http://escueladecinemza.com.ar/_installation/mavKbOyR3ru0TK7X8UwbSCe2ayux/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2119527
URL: http://escueladecinemza.com.ar/_installation/mavKbOyR3ru0TK7X8UwbSCe2ayux/?i=1
URL Status: Offline
Host: escueladecinemza.com.ar
Date added: 2022-03-29 16:05:08 UTC
Last online: 2022-04-23 01:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-03-29 16:06:10 UTC to abuse{at}hostmar[dot]com, abuse{at}dattatec[dot]com, pablo[dot]pepe{at}adinet[dot]com[dot]uy)
Takedown time: 24 days, 9 hours, 10 minutes (Bad; down since 2022-04-23 01:17:02 UTC)
Tags: doc, emotet, epoch4, heodo, SilentBuilder

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
