URLhaus Database

You are currently viewing the URLhaus database entry for https://edsadesigns.co.uk/cgi-bin/l6rMKTIuBBWe88viwfy/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2120197
URL: https://edsadesigns.co.uk/cgi-bin/l6rMKTIuBBWe88viwfy/?i=1
URL Status: Offline
Host: edsadesigns.co.uk
Date added: 2022-03-29 18:10:05 UTC
Last online: 2023-01-21 08:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-01-21 08:37:06 UTC to abuse{at}20i[dot]com)
Takedown time: 9 months, 27 days, 15 hours, 58 minutes Bad (down since 2023-01-21 10:09:35 UTC)
Tags: doc, emotet, epoch4, heodo, SilentBuilder

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
