URLhaus Database

You are currently viewing the URLhaus database entry for http://escgayrimenkul.com/cgi-bin/FdUYrA1SAQhjYhmuce6XHiD/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2119535
URL:	http://escgayrimenkul.com/cgi-bin/FdUYrA1SAQhjYhmuce6XHiD/?i=1
URL Status:	Offline
Host:	escgayrimenkul.com
Date added:	2022-03-29 16:16:04 UTC
Last online:	2022-04-02 17:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-03-29 16:17:04 UTC to abuse{at}bluehost[dot]com)
Takedown time:	4 days, 1 hours, 4 minutes (down since 2022-04-02 17:21:08 UTC)
Tags:	doc emotet epoch4 heodo SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-03-31	YW-3979203995350.xlsm	xlsm	894658b992050ab6d7ee061f083a48264ce56c1b4fbc5ac87c142765405a47f7	36.51%	Heodo
2022-03-31	UPH-03819997831.xlsm	xlsm	97f11e4cd509aefb731d8b1a4b299c8ab4096e270f05f52d8e0eb6d2366fa501	38.71%	Heodo
2022-03-31	MQ-40691725.xlsm	xlsm	b034cfc88c6603dc0f5519ecba2dbba8c5382b26b8c25da23f8d40368ce8e7b5	33.87%	Heodo
2022-03-31	PCF-164683863.xlsm	xlsm	6102217f21897ac71dc164ee9cb69526d874d45e748754b44309ae2b1d620880	40.32%	Heodo
2022-03-30	HCO-61202990253.xlsm	xlsm	39bbb570609ea300f9d959dcf23f2161043c6dedc230f97e7eab2388db651831	37.10%	Heodo
2022-03-30	MOW-416215405124.xlsm	xlsm	a635724502ddf792c6bc78f232c678f559b02ac1baa5cb61f924b6d2d7aeccd0	39.66%	Heodo
2022-03-30	KP-5229896.xls	xls	31ad327541ee0627096151e901dee22241e584b78b52c17eee5a1c40a6f25490	25.42%	SilentBuilder
2022-03-30	2642804857204926630.xls	xls	3493b3210a3ce325a05cc7da5ffc69d323e0a0a645d8bdfaf1016a2de52ee1b5	26.67%	SilentBuilder
2022-03-30	7434191631.xls	xls	e6816092d6eb5bec7ab8d5463c45994379e212925e29994c9a28a826b9f0ee92	n/a	SilentBuilder
2022-03-30	21392352387.xls	xls	d5f2d5f02c59a803bf893a762e415bbc73fb5f9bf24595dfccc683b1a6a4276c	n/a	SilentBuilder
2022-03-30	16549269244058.xls	xls	2ba33211dbb1821465ce7c7f6a909d39aa96f40ded8ddf32f7710400542876e1	n/a	Heodo
2022-03-30	331580684445.xls	xls	bdaa48d2231c1b2486ed207cdf3114a4df1292b4defcef137daabfe6bc8070a5	n/a	SilentBuilder
2022-03-30	4186623806741278469.xls	xls	e611b90b8bc15c80bb5f0082078206905163b422bcd2afba293b7c1b673d7abf	n/a	SilentBuilder
2022-03-30	77746370997497.xls	xls	6c3c1ceff2ee60d10947b652910cfe07a5a89db87ca507ef674e29e55d58a7a6	23.73%	SilentBuilder
2022-03-30	652255264990149.xls	xls	7143175fc3b45a138566f093a1985efc2564810ae4d8b541b63ec7570f121339	14.89%	Heodo
2022-03-30	398277557755.xls	xls	061216d57577da5b9c7c95e57d26f695be2a2c7be18b94baf676719e6be08d66	n/a	SilentBuilder
2022-03-30	052204103580914.xls	xls	1f4abd57d6305167ea781e255bf801474d77d7415dc16bfa03bcd9c6afb8e977	n/a	SilentBuilder
2022-03-30	651992839502344198.xls	xls	bfc4346b81b8cab420b161be78ca4bb5c5451f4342fe4334900389f56b8bdfcc	n/a	SilentBuilder
2022-03-30	0695762825.xls	xls	2b82324426c06592a76bf7c5c8aa1dee1ce453a2735ecdb3d54a179a452bc4b9	n/a	SilentBuilder
2022-03-30	4038661178591.xls	xls	9ac2d9b09fb438722746956ab539706646f6999e4f41d608a15e5d7be2f03a6f	n/a	SilentBuilder
2022-03-30	38714150153559606.xls	xls	4d57182432ade39fbabce23e685ff21cc1d6cf5966f8bf69e222d84d6c2176e4	n/a	SilentBuilder
2022-03-30	55841342725855.xls	xls	ed919e7317e9edb91eb7468e26cad1b08ecd328cfb669e1fb95bc2f3171b2ec8	n/a	SilentBuilder
2022-03-30	4636129398668.xls	xls	fc11990e224dccd621a3e096de9d3ba9ea970ea8434a56a20ff5dbf00ac1bd90	25.00%	SilentBuilder
2022-03-30	313791149850358.xls	xls	905937ee43f2fc5221d18f42e0e1b2514bd1059016ddac70a5fe00c2092cf34a	n/a	SilentBuilder
2022-03-30	4968533963.xls	xls	60c10b6c651a9926b3b26455439340955ed88932bfbe0b5908534088eeb92037	n/a	SilentBuilder
2022-03-30	75168320273.xls	xls	562cb8922d82b50caf2e7452a6db106849432c9577c62aca3f1fd5fe90cd5308	n/a	SilentBuilder
2022-03-30	4918462463.xls	xls	5d07768d877f9d761c1fe49cf016d97f4195d6d138a24dd6d936faa5654ce764	23.33%	SilentBuilder
2022-03-30	50137899684720209244.xls	xls	9e011d77b179dc3075654faa2f570ff83e31cb879ef14891e49805831790a329	25.00%	SilentBuilder
2022-03-30	4264625592.xls	xls	48de62f0ea202f9f6a63f26983545a5c456251ffe79dc9d394d8a599c8069208	n/a	SilentBuilder
2022-03-30	97527895405588.xls	xls	795d1cb7302f7f2d226a7a50f9a1dfaca81c320aabc71f47113736bc0712a6a7	n/a	SilentBuilder
2022-03-30	19610099471974937.xls	xls	8e9245a7ff1bf4c43cee8e3b568af8044010cbaa655b23ea98c86a5ac18ca472	n/a	SilentBuilder
2022-03-30	104941405077404.xls	xls	b8d670ca1984f7ecc9e90c4bc0c4c4d96172690aead7080171735f96c11ba21f	n/a	SilentBuilder
2022-03-29	55278408125.xls	xls	a7d32a6ad1390861e427965afd7fdab97df7cfc63b6eee10247c5e03d6e83bd1	n/a	SilentBuilder
2022-03-29	2158827860412197227.xls	xls	cf32dd8b34af56ba98e8e60de33e463349578b7c5f034c6b5394c1de65d8b3bb	n/a	SilentBuilder
2022-03-29	32646880115276215.xls	xls	3e97f09fc53890ba2d5ae2539b5c8df372ed2506ed217d05ff2cf8899d15b8e6	n/a	SilentBuilder
2022-03-29	32846140543166274.xls	xls	ed2f8d7e4690bad774218068fb147924da6ac0dc68f5329699e01075b866a262	n/a	SilentBuilder
2022-03-29	2519862682472620.xls	xls	bc35c9548837ac5fe336c7e42965272c5bc571c06c2bff143deba56cfdcf8f3b	n/a	SilentBuilder
2022-03-29	3704943443.xls	xls	11e85a3bcab8d5d4f43929a8cf0783d612f20f10f38a0d84e702f110e149e565	23.33%	SilentBuilder
2022-03-29	87409012460368943.xls	xls	d35e74f5e8250188d382b47a3c7a6804501f2ba7830d3ff47597207256487ee0	n/a	Heodo
2022-03-29	63686952613699.xls	xls	fed653b6d6b107a271c13302a2df3109edc3833db5d2b947f0471fe97b2a0ba0	22.03%	Heodo
2022-03-29	5562695380.xls	xls	86b13aa1fccdc55676730cebc42451a0b238f65af9d6c2b47d6f91508e4b626e	23.33%	SilentBuilder
2022-03-29	575782310692.xls	xls	d95969e51a63d943f36d9d5189079e570a3d5eefa5abb6c24c243ca139b5788d	n/a	SilentBuilder
2022-03-29	30574368876053388.xls	xls	04875c7681484f64bb4bfa3232a4892a93e00c148b57a96030400caafd1168d6	n/a	SilentBuilder