URLhaus Database

You are currently viewing the URLhaus database entry for http://ekinbodrum.com/css/4f8AiYrivhAG26y/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2120156
URL:	http://ekinbodrum.com/css/4f8AiYrivhAG26y/?i=1
URL Status:	Offline
Host:	ekinbodrum.com
Date added:	2022-03-29 17:44:04 UTC
Last online:	2022-05-14 09:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-03-29 17:45:06 UTC to abuse{at}hostlab[dot]com[dot]tr)
Takedown time:	1 month, 15 days, 15 hours, 48 minutes (down since 2022-05-14 09:33:09 UTC)
Tags:	doc emotet epoch4 heodo SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-04-04	NTS-8972369817.xlsm	unknown	d6a0c64657e8ae8f3cc4f7c889bc274239350ec34d2d77e7329e41bbc456a93a	8.62%
2022-04-04	NTS-8972369817.xlsm	unknown	0e06e6b65cb58876edb109c097794669b36079a67c95834982acd6c681b366d8	n/a
2022-03-31	IF-59279030530753.xlsm	xlsm	894658b992050ab6d7ee061f083a48264ce56c1b4fbc5ac87c142765405a47f7	36.51%	Heodo
2022-03-31	JIY-0189420.xlsm	xlsm	162637428037d1f8f3bd675b122e5b830107b9ea7352c8c765e97a3afbce1231	40.98%	Heodo
2022-03-31	OJ-759855137210587.xlsm	xlsm	5fe0d5c74d36af2db670ba08c72837740a66a82a2e8f0b206468474195578366	n/a	Heodo
2022-03-31	UW-32332182.xlsm	xlsm	100a059429276f981fa6268ee948f1403f73c2fdd01e41148fbea55e773bb1bc	n/a	Heodo
2022-03-31	ID-2431302936.xlsm	xlsm	65b87a95369159fb3d54556f3f316f9e13eadd8b95e9e13f6a8d9cc79f43a8e6	40.68%	Heodo
2022-03-31	NJP-61153607.xlsm	xlsm	00ea616ce33ef49268a2d6046f588bb73c80b7a90ae6e5e5067938d72e858564	n/a	Heodo
2022-03-31	DA-7856688258.xlsm	xlsm	6ba49c8a1bc5dddfc74a33d1c6f53df15e682043f2e3e66963ef4577191206cd	n/a	Heodo
2022-03-31	NR-8742682960.xlsm	xlsm	638588dd97949a25ee7322aa73731204406054bf2db2043063ebfdc82d353f65	n/a	Heodo
2022-03-30	PV-709093708.xlsm	xlsm	2909468da77be7c90d3c57fa66be2e6250afde34bd400f2c815be9bfd89be7dd	n/a	Heodo
2022-03-30	XOU-1518799481.xlsm	xlsm	70c7353a1e172d428b42bed59b7ddb9a6d1b60c368ec7ae5eb64c0eeed368080	33.90%	Heodo
2022-03-30	ZM-3520215752.xls	xls	2fb5d6b4684b1f180fd682f92fc346420c16376d64b8b8ec6b0564247000dc58	n/a	SilentBuilder
2022-03-30	25581852728750830.xls	xls	351b340794aa53151cbfc28a0915520349e8d2d2d33a41efd0c82e71dffcc9b2	28.33%	Heodo
2022-03-30	51526526081.xls	xls	4475ab45a2d8b2297f49e985f0d17f5ae879c80cc960e17055819eef352f138c	26.67%	SilentBuilder
2022-03-30	96825160831521276275.xls	xls	786cdbbcab12d6076e895521a41dc5e5bd48fd09dbc85d4843a128c04dec73c2	n/a	SilentBuilder
2022-03-30	58722116431620894.xls	xls	f9fb4d5914f4d35aadbdf779dafd269c3581ca7296e7d927d8acdb38b5bf5a2b	n/a	Heodo
2022-03-30	723993436198010.xls	xls	7e23ee736d4dfb8a361e8867027e49d1cabadb8a99f76ee5afae043b5a4bffc4	26.67%	Heodo
2022-03-30	156435249524.xls	xls	18620190f7162d9df017a561138e2ee83549e1aab9382f9b29b27542a490a169	n/a	SilentBuilder
2022-03-30	3348384591.xls	xls	7b104224ca183d73b657b9fde19b9889e4c25eed58259d1990bd0feb59f3a740	n/a	SilentBuilder
2022-03-30	6156200633340.xls	xls	69d8211fe32a1c511c6fd358005bceb8e19e01d9cc927c01b9f0760c13b75d6c	n/a	Heodo
2022-03-30	31278838867366.xls	xls	9aae3a9d0d57dec1eb2e6151e4930c4624c95638ea038cfcd64436bf32abb39f	n/a	Heodo
2022-03-30	0685390536208490715.xls	xls	d4cfb0c8440f63b52a9a6506210f17aa2cbdeac594081472fa3f4c8440fbbc1d	n/a	SilentBuilder
2022-03-30	5617566064560.xls	xls	53695dcf97841c90ec048a84804fbdd56aca83a71ad0ea445d6606181c7fcd64	n/a	SilentBuilder
2022-03-30	0800302659445.xls	xls	2b82324426c06592a76bf7c5c8aa1dee1ce453a2735ecdb3d54a179a452bc4b9	n/a	SilentBuilder
2022-03-30	3965381491153901870.xls	xls	b0bb73b26ef4bb7bbfc7a11f9623721be84f3b00cab0c87a0a89597f79cc9be4	n/a	SilentBuilder
2022-03-30	4922106406.xls	xls	4d57182432ade39fbabce23e685ff21cc1d6cf5966f8bf69e222d84d6c2176e4	n/a	SilentBuilder
2022-03-30	622421856800207.xls	xls	2ed370e7b10a0832ccc6c51912b84345f0b6b1a0d19f212a86886497ec9bee8f	n/a	SilentBuilder
2022-03-30	35455352588.xls	xls	fc11990e224dccd621a3e096de9d3ba9ea970ea8434a56a20ff5dbf00ac1bd90	25.00%	SilentBuilder
2022-03-30	02012218097151.xls	xls	54a4af2bca66a6a370cf8cef6558048fdc01232749e0da6feb0842c73ec34854	n/a	SilentBuilder
2022-03-30	82278018569757647.xls	xls	99f00e2a4ed7ffc848c6d17b428903f2234a4279a94026429569afa46cbf1f52	n/a	SilentBuilder
2022-03-30	123496868717.xls	xls	996fdc85f7db15b75ad84ae9c548b13c128a222af239737a7a5cadd42ee4757a	n/a	SilentBuilder
2022-03-30	80820796667187192924.xls	xls	85a517c8a98c039c699d728c89dd5cd5aa6aac0c77601894e0c40a528d987736	n/a	SilentBuilder
2022-03-30	398895429295930876.xls	xls	b1f9a8c2b79e9e80247652fcb54a87ead4d7b32c51769ae1622b94d9af3edeec	21.67%	SilentBuilder
2022-03-30	99383618432126.xls	xls	6280ad828511d4eb90c7c03d7f193d8f55f363f130e0c4aacc7481220313b846	n/a	SilentBuilder
2022-03-30	6049168926.xls	xls	f37c6c8662785514f852d04f94ac6b2217b3c5244e84dae528f13c5b8b95daec	n/a	SilentBuilder
2022-03-30	4260199724732154981.xls	xls	4b1bbda0a79f94fcfb3e365b20d67277bf11d406f08d6a6417636af0142eea75	22.41%	SilentBuilder
2022-03-30	30168688225806219566.xls	xls	6e59acf9d3a2753b58d6e85224cd82fa45cd9e7e392cc4bc18d0577ae539036c	n/a	SilentBuilder
2022-03-29	5256570838385948318.xls	xls	5945c872c336b1839e2d24e8ade8c28cd4bfda3b45281798c978e0989334a219	n/a	Heodo
2022-03-29	959226545565.xls	xls	cf32dd8b34af56ba98e8e60de33e463349578b7c5f034c6b5394c1de65d8b3bb	n/a	SilentBuilder
2022-03-29	03098537249.xls	xls	81ba58623792becf40d816c7b68f709ae3ff2985753490501f12ea3987f9bb5e	21.67%	SilentBuilder
2022-03-29	44266079139.xls	xls	780842ee666eee15433cecc5089ad60af4b2d3c041d601a6863f9d6b036c7934	22.03%	SilentBuilder
2022-03-29	4105326218767840226.xls	xls	6741b0effa1844c85e25015d8c01ab0330e793dc563cfe2977746f5eb7a37fd3	n/a	SilentBuilder
2022-03-29	0674283652228660688.xls	xls	6d7f03a15d7e07cfbc738ccb0b064abc31733873e7ddc662815454136a5fbc42	23.33%	SilentBuilder
2022-03-29	76538213995301.xls	xls	aa7f8032eea8a66f2a2fcb725bfc16899f61552dfb4e2e7b9c6a4d1bfad9d604	n/a	SilentBuilder
2022-03-29	1819488127855162.xls	xls	912ef80d96550207598474c59820892d1bf52be76ac1c04f833228027a222f0c	n/a	SilentBuilder
2022-03-29	0649051362087851573.xls	xls	c92ded7a25787ebf85924eaa3bcda461a2f4bcd31f482604e652d7334645fe1d	22.81%	Heodo
2022-03-29	28457499418278159.xls	xls	0c25f93da9444156e572c7d66e1076bd12ecb8dc6efb16d485da111c8b47739f	n/a	SilentBuilder