URLhaus Database

You are currently viewing the URLhaus database entry for http://eipweb.com/cgi-bin/xOmjzaHqorTrUXQ/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2120172
URL:	http://eipweb.com/cgi-bin/xOmjzaHqorTrUXQ/?i=1
URL Status:	Offline
Host:	eipweb.com
Date added:	2022-03-29 17:55:05 UTC
Last online:	2022-06-18 08:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-03-29 17:56:08 UTC to abuse{at}bluehost[dot]com)
Takedown time:	2 months, 20 days, 14 hours, 57 minutes (down since 2022-06-18 08:53:30 UTC)
Tags:	doc emotet epoch4 heodo SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-03-31	ZXZ-724486206.xlsm	xlsm	896ef5fb12bd10c84fa96213d6a86aa368388e4806b9c882fd601a113482ff74	33.87%	Heodo
2022-03-31	WJ-459213753313476.xlsm	xlsm	36828e7a04990e1d0b2b67ccfa64ea170ff92c77cf92107d904f1e106c1d676b	n/a	Heodo
2022-03-31	FA-2009269077412.xlsm	xlsm	894658b992050ab6d7ee061f083a48264ce56c1b4fbc5ac87c142765405a47f7	36.51%	Heodo
2022-03-31	CNS-8872860.xlsm	xlsm	162637428037d1f8f3bd675b122e5b830107b9ea7352c8c765e97a3afbce1231	40.98%	Heodo
2022-03-31	ZJZ-9888580.xlsm	xlsm	5fe0d5c74d36af2db670ba08c72837740a66a82a2e8f0b206468474195578366	n/a	Heodo
2022-03-31	TCP-402408168648480.xlsm	xlsm	96fac13010c22cdd9510ed06c70ed29257b59aa3fc3be17a9515bdcf3596aa51	41.94%	Heodo
2022-03-31	FWC-117574377239632.xlsm	xlsm	a099f9c9c8eff7049da288a1205f1c0ccd52a4954930cabdd7a00dafbe8bbe6d	n/a	Heodo
2022-03-31	ISS-6500893309221.xlsm	xlsm	a43da1637de01a06d72a9d09981de5132b8bd971844704ee9fc7c5e07450a49d	n/a	Heodo
2022-03-31	ZO-80644255946.xlsm	xlsm	52939ecf287fe6bf3435960c423bf17f7ea8452f102024e9aca86cf806fdd533	n/a	Heodo
2022-03-31	BX-0697650.xlsm	xlsm	0c71f0ce426be3dfeacb36cfb08349362327fa6041d1669a1d2ef8b1110bfab3	36.51%	Heodo
2022-03-31	OE-2784212.xlsm	xlsm	ecfb46439586ddfd60ed5763f7b103d7487e94bf095208d8967dd838c5a68c27	n/a	Heodo
2022-03-30	II-343990281400.xlsm	xlsm	f6d9028f6903f57570a969a97a510120fa11d93ce778cfeac61862c36d6b6bd2	38.98%	Heodo
2022-03-30	BE-212564525443.xlsm	xlsm	08e64e582d9d42f5f3a21eaff52bcb72b4a3abfc761561ff28f40bf937dedb2c	35.48%	Heodo
2022-03-30	KZ-9227820404.xlsm	xlsm	7b790cb9f037644da2aa7daf038bef787f020bc8aad1932fb1e8c4c5ab3b4766	n/a	Heodo
2022-03-30	QU-640784724.xls	xls	2fb5d6b4684b1f180fd682f92fc346420c16376d64b8b8ec6b0564247000dc58	n/a	SilentBuilder
2022-03-30	0561453932.xls	xls	3b7de1493be097dcb0cc89361c753b8f43f5de20b45e403c7f809ab2f7d2b03b	24.56%	SilentBuilder
2022-03-30	12030653837098998.xls	xls	4475ab45a2d8b2297f49e985f0d17f5ae879c80cc960e17055819eef352f138c	26.67%	SilentBuilder
2022-03-30	7544195552960.xls	xls	9413cad13f6984ead99ed414e0569446e58817727b472a9ffea3097eb76d2e10	28.33%	SilentBuilder
2022-03-30	0893836752779.xls	xls	b2eb6b0d2399ec53a26411617b183d00a09f80e54adf21f4661cdb254b678578	26.67%	SilentBuilder
2022-03-30	365966793141.xls	xls	5aa5eaa6978bc5dd39ec66d659e21ae075374067866bb46c3447fa2d13f4d99e	26.67%	SilentBuilder
2022-03-30	06401119600895375089.xls	xls	9c35fffa92d67bbca9eac86d6fc450530e6a190f08cd5234dda6a159c4b699cc	n/a	SilentBuilder
2022-03-30	7842889387758533000.xls	xls	69542b3dd50ede56ad6fd0d3841c3aaf9ba207a33dd4053d72d8bf3247be6068	23.33%	SilentBuilder
2022-03-30	4690807059188916.xls	xls	680f0f283478f314621677f9fa1388a88017cd003d7173163cdcc4f16cbedfdd	24.56%	SilentBuilder
2022-03-30	4564493949233330.xls	xls	1f4abd57d6305167ea781e255bf801474d77d7415dc16bfa03bcd9c6afb8e977	n/a	SilentBuilder
2022-03-30	42465761351410826307.xls	xls	b77b0ef522691f56c326dbd8bfd07faa9b30f9426461ff385a1e744c3e469678	n/a	SilentBuilder
2022-03-30	5046034627586263042.xls	xls	17a017e03150a780f08ebd41dde43ac2babb836c2e92674995af925cce5b19df	n/a	SilentBuilder
2022-03-30	315953340847856.xls	xls	c1cbd56f3ba76c3bdd704399b552ac54d6463b6dbbe45adb3334d7178c0ed493	n/a	SilentBuilder
2022-03-30	2191625854096201.xls	xls	53a8cf28fa59ff225a7a58d4ab09db8ad23bed8afdb2ae42232a8f11acf3553b	n/a	SilentBuilder
2022-03-30	7708873462.xls	xls	ed919e7317e9edb91eb7468e26cad1b08ecd328cfb669e1fb95bc2f3171b2ec8	n/a	SilentBuilder
2022-03-30	28859051649360144.xls	xls	19f6caa7a30df844b400ba5f224bd75901e715d328ef9a38903900f0fa773946	25.00%	SilentBuilder
2022-03-30	54801267137201800656.xls	xls	47857229b4e3390c46a0c815ba051979c912f8098d62136f34264d948602e776	n/a	SilentBuilder
2022-03-30	70589908067.xls	xls	0064a9e50d81734b02d6e46a0c7438caaac87d97c3a8d2e252d116c08094820b	n/a	SilentBuilder
2022-03-30	390604200736560846.xls	xls	8268e3b187b04e9310ead1910af5d33341941f04739fe068e06eb341969b71af	25.42%	SilentBuilder
2022-03-30	740040755113396.xls	xls	b1c3d43a1b9fd0f97ca13511fa5bea8e9c537383fd9ca4962779312fc30460ef	n/a	SilentBuilder
2022-03-30	8680496917183523.xls	xls	a29527126ce0d0f97fe09f82e3d8e555b5c6fba10d6cec9bd9062a2b9d4df7f7	n/a	SilentBuilder
2022-03-30	509096791596936461.xls	xls	8afc3601bdf149acb399f6b30fe3188535845cbd8af7c0cf469d02e7524b2b6a	n/a	SilentBuilder
2022-03-30	303745439739.xls	xls	9e567a344081987a4426f78ec523045fd89cefc8790ccd11bc7c7e84a0816144	n/a	SilentBuilder
2022-03-30	3118681615772856374.xls	xls	4b1bbda0a79f94fcfb3e365b20d67277bf11d406f08d6a6417636af0142eea75	22.41%	SilentBuilder
2022-03-30	20711087673052065.xls	xls	3f55a18289a4defdb2b50e5314a7972d39bd0d4e7e2da0826a91f163eebe2a9c	n/a	SilentBuilder
2022-03-29	8488758010.xls	xls	c7e78d00cf4d1eda853fe906d22b26c5e9a03e67f2ab9f2755ee7b7fb8c54ee6	n/a	SilentBuilder
2022-03-29	97259174529.xls	xls	4db12a7472a2427ea88cb16a24494b46824688abd29824abffa27f9366e46f30	n/a	SilentBuilder
2022-03-29	0403293385.xls	xls	b26329204d4a737b51b710c6fb4ca573291be87a1fb5606f0e0b75987c09908f	23.33%	SilentBuilder
2022-03-29	422058110918.xls	xls	67a20d8315c3e1cb24416ae035906dcd81592e4320a2168428e11db1afeee329	n/a	SilentBuilder
2022-03-29	63432398575118674091.xls	xls	37b9f7f289229073f7615e9694ead523ff3f6cdf77a0cf2d0694d910a10ce6b7	n/a	Heodo
2022-03-29	5346386911264793.xls	xls	b10478442a0de8c6a68e9c10f22d7cb2fe59302d1283d184edc5ea41bb607d16	n/a	Heodo
2022-03-29	665871555561923073.xls	xls	e7b03ed1a9795dc92083442565b98454f681a5cb1cbb0c34f4ceed7ca7ef7f67	n/a	SilentBuilder
2022-03-29	24495288066226587.xls	xls	47c9e54827d5eb1bedf091b985d4c3db3dbd311b612c0a62bc274c20f46af944	23.33%	Heodo