URLhaus Database

You are currently viewing the URLhaus database entry for http://ejder.com.tr/test/fcgi/SiBGrSshw61K77JI/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2120167
URL: http://ejder.com.tr/test/fcgi/SiBGrSshw61K77JI/?i=1
URL Status: Offline
Host: ejder.com.tr
Date added: 2022-03-29 17:53:04 UTC
Last online: 2022-03-30 22:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-03-29 17:54:06 UTC to abuse{at}talido[dot]com)
Takedown time: 1 day, 4 hours, 16 minutes; Poor (down since 2022-03-30 22:10:44 UTC)
Tags: doc, emotet, epoch4, heodo, SilentBuilder

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
