URLhaus Database

You are currently viewing the URLhaus database entry for http://economizesa.com.br/cgi-bin/gZSppeiuOneFdNZfubX2iQ/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2120218
URL:	http://economizesa.com.br/cgi-bin/gZSppeiuOneFdNZfubX2iQ/?i=1
URL Status:	Offline
Host:	economizesa.com.br
Date added:	2022-03-29 18:25:06 UTC
Last online:	2022-04-03 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-03-29 18:26:05 UTC to abuse{at}hostgator[dot]com)
Takedown time:	5 days, 2 hours, 59 minutes (down since 2022-04-03 21:25:45 UTC)
Tags:	doc emotet epoch4 heodo SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-03-31	CBI-493545719888.xlsm	xlsm	0e92cfd04405b8b597562761080285f19807c04c48c7278fe7632271ded41c3d	40.00%	Heodo
2022-03-31	AC-1286533.xlsm	xlsm	c171d718d9aecb5ad1e27309660f8da7a568f9798e03d4c6683d7825b5a122c9	n/a	Heodo
2022-03-31	TK-92716229.xlsm	xlsm	894658b992050ab6d7ee061f083a48264ce56c1b4fbc5ac87c142765405a47f7	36.51%	Heodo
2022-03-31	CXB-464719973792.xlsm	xlsm	b0fa5dda99558a54917cc9a5f6269d440cd8b30ed825f72c837d6e4044d9f628	42.62%	Heodo
2022-03-31	AIA-4223510747.xlsm	xlsm	62ab476e343b12678cf4018d6d930dd8a13ca58be794dcc0cd82e693a7ed2962	36.51%	Heodo
2022-03-31	UT-0073933.xlsm	xlsm	5fe0d5c74d36af2db670ba08c72837740a66a82a2e8f0b206468474195578366	n/a	Heodo
2022-03-31	OC-84902981795.xlsm	xlsm	41f790fa1e0f18e897bdad1de2c9452310c964ab0c50e831d9c1150af849edf4	41.67%	Heodo
2022-03-31	ZB-23201587826.xlsm	xlsm	db67f0509c5f982c9eb1fab5a17d14ea07d5a1e13b2f5ee3b35ccf93700588e4	38.71%	Heodo
2022-03-31	MX-479893672459298.xlsm	xlsm	30deb7a7086f74317285271a2e26e40dc43b461a1a77c77480ea742b02cbe51f	38.10%	Heodo
2022-03-31	SG-72055158.xlsm	xlsm	265f4ce97b8c4a17c8f27359496edc3f97e2e6926a267fba16797dd5c6e3a70b	45.16%	Heodo
2022-03-31	LYY-62848511.xlsm	xlsm	52f73166b6afefeb75e3e2459eb3b8a48e0c9309f83620f4fdbcfcbedaff3f66	n/a	Heodo
2022-03-31	YVR-02279798212.xlsm	xlsm	70c7353a1e172d428b42bed59b7ddb9a6d1b60c368ec7ae5eb64c0eeed368080	43.55%	Heodo
2022-03-31	DXR-20582338705.xlsm	xlsm	f93f882fe4bac2b1210512c64a2985c99282b49a95a2aaa3bfcf6865d6dd0056	n/a	Heodo
2022-03-30	UCH-445320811482.xlsm	xlsm	02f7ef1691ec8641839243cd9f60e615e9aa574f15080676df8358547eacebda	40.98%	Heodo
2022-03-30	DZN-4437548837.xlsm	xlsm	687a158c15f9b76ec9b11906e548b587dcd7cd319e90477c89b1341f5d6b1ebe	n/a	Heodo
2022-03-30	QOW-595042415485.xlsm	xlsm	7b790cb9f037644da2aa7daf038bef787f020bc8aad1932fb1e8c4c5ab3b4766	32.26%	Heodo
2022-03-30	DFN-407957550.xls	xls	c37ffc0e87ede2e654c4112c8d1b9172041a21bc4174b248ee2c81af738bcaf5	n/a	Heodo
2022-03-30	7732070439805166.xls	xls	00f6421fe8f4847be025bde29b82ccb92d3bb76d95ca4d36c6b87d9f173d3d01	26.67%	SilentBuilder
2022-03-30	844208044525522.xls	xls	afab90f284e5f643a8fa8a6eafd154175a22394254db310f0dcddc607a5ed468	n/a	Heodo
2022-03-30	746798761914.xls	xls	de03ab1d198136ce8f5fba27d87ceed99696fc46da6cb9ce7614b3824e02dec1	25.00%	SilentBuilder
2022-03-30	228039569341.xls	xls	517ad9640522ddd6180f39e1bdf5dff22b469b04cba6c10f4c0d6e3bcca16b19	n/a	SilentBuilder
2022-03-30	197251005851454.xls	xls	aa86d1be623622ae373fc9dcfb7365d513d0e273891e34b480ab2d7b10d6a7bb	26.67%	Heodo
2022-03-30	469099452108177.xls	xls	203c1be5a8f01fb454836563bd0b29fef4caf2983afe37d1cd46feb86d3eb83f	n/a	SilentBuilder
2022-03-30	2765570282757332315.xls	xls	a1ba5ac09b442e2f6efad0a758c88012fb154fbe7efaa640758103f3b1ba01a9	n/a	SilentBuilder
2022-03-30	84561316175801.xls	xls	69d8211fe32a1c511c6fd358005bceb8e19e01d9cc927c01b9f0760c13b75d6c	n/a	Heodo
2022-03-30	547444773950664.xls	xls	680f0f283478f314621677f9fa1388a88017cd003d7173163cdcc4f16cbedfdd	24.56%	SilentBuilder
2022-03-30	4184314033456293.xls	xls	92b068c533ae97aca8470cdbc6e8d3bf23caaf19f593b462e8352e58cf21c352	n/a	SilentBuilder
2022-03-30	47167850349.xls	xls	bcef9c934fe5112b2ca48f5a9ea696c33d3114b345c63d7c331254037faff1a0	n/a	SilentBuilder
2022-03-30	4568139613885170393.xls	xls	9446c54eb7a685ed2b0425e43e20af5e527530c1fe26ed9bfc6764c24dc44c8f	n/a	SilentBuilder
2022-03-30	03458577153625900037.xls	xls	14bdb02d74882b5302b1c28f4beef21d98c62c276f039562eac7c9b9b008deea	n/a	SilentBuilder
2022-03-30	6131119667343.xls	xls	53a8cf28fa59ff225a7a58d4ab09db8ad23bed8afdb2ae42232a8f11acf3553b	n/a	SilentBuilder
2022-03-30	401656930813.xls	xls	4148c2fcfeafb479b13ec8c2b305fd2ebf671b61fe044476575a5b2be2b929db	n/a	SilentBuilder
2022-03-30	098222985215.xls	xls	f30f9c9233859f2549dc271d14fd86bdebcc72c70e9c51ba4606b75cbf745473	n/a	SilentBuilder
2022-03-30	49135395963861501.xls	xls	66115ef823bbc6b8007ee6b6508af174566899af8df63ea1f6707b293153f2bd	n/a	SilentBuilder
2022-03-30	4344059787779.xls	xls	a612e9a7b8f4a08f1b73f5a7e07b586913f327d8bd789ca7ce7c1e6e80883f91	n/a	SilentBuilder
2022-03-30	53386969637225846735.xls	xls	385fc2720a678cc5b53d3d58caa225e7fa24e29c86ff6acecb609afb7659caa4	n/a	SilentBuilder
2022-03-30	4930357817.xls	xls	c12be159aaffc14d6672e97c280868c12ceadd8a60e48769ddefa0d64313e18a	n/a	SilentBuilder
2022-03-30	663486137780.xls	xls	01409366f137f73a060ee83b1e33ce1812614f9182737ebfa8b621d931f2aef4	23.33%	SilentBuilder
2022-03-30	9954264814.xls	xls	8bc576d7a20e6614e7b139a3ee525c37e46da65fcd2d59a8d4adf1b57354ae05	n/a	SilentBuilder
2022-03-29	2262059484.xls	xls	c7e78d00cf4d1eda853fe906d22b26c5e9a03e67f2ab9f2755ee7b7fb8c54ee6	n/a	SilentBuilder
2022-03-29	1267345568.xls	xls	4db12a7472a2427ea88cb16a24494b46824688abd29824abffa27f9366e46f30	n/a	SilentBuilder
2022-03-29	2122926490.xls	xls	b26329204d4a737b51b710c6fb4ca573291be87a1fb5606f0e0b75987c09908f	23.33%	SilentBuilder
2022-03-29	003308283593827511.xls	xls	a679c80a799b163cf0ad3f464c4a1bc023c7d6dd0715662da376d6260a4b9040	24.56%	Heodo
2022-03-29	2607259355542203.xls	xls	6ddbab092ea3334218e1a42e8c21dacd63db67a4c382a78095e0712c06d9a667	n/a	SilentBuilder
2022-03-29	42307640493225426795.xls	xls	344d265223d65f14fe5e136251216baa48b99ba5e8cb3d985ad294f6e003f2df	n/a	SilentBuilder
2022-03-29	9266684469392197621.xls	xls	54d08522ffbd96a675e5aea3d3658b9aeafed3508940f376269fdebe9a930237	23.33%	SilentBuilder
2022-03-29	30476325464635.xls	xls	9ee8c765cc806dba9a3cb89ca942431c9b7fd2b539696103f96589c04703aad5	n/a	Heodo