URLhaus Database

You are currently viewing the URLhaus database entry for https://dl.choobingroup.ir/download/hyvPHb6nE/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2120441
URL:	https://dl.choobingroup.ir/download/hyvPHb6nE/?i=1
URL Status:	Offline
Host:	dl.choobingroup.ir
Date added:	2022-03-29 19:40:05 UTC
Last online:	2022-04-02 09:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-03-29 19:41:05 UTC to abuse{at}hetzner[dot]com)
Takedown time:	3 days, 13 hours, 40 minutes (down since 2022-04-02 09:21:47 UTC)
Tags:	doc emotet epoch4 heodo SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-03-31	KDN-47848680.xlsm	xlsm	e5207cd147b8791ae79d2aad037958c960f6bf8f18c4e4e3749174d0ebd3fb62	41.27%	Heodo
2022-03-31	ZZO-41444198266581.xlsm	xlsm	63a772f7b80157698557665066c82cd930d3b1c75cbe50b72fedce8da477c193	n/a	Heodo
2022-03-31	BFS-08354404184.xlsm	xlsm	fcefa2ebaa9e5cce06f5519640eab5413a9b9f6a53ed3fe2f3754c9a610418ba	n/a	Heodo
2022-03-31	LV-770345161261936.xlsm	xlsm	894658b992050ab6d7ee061f083a48264ce56c1b4fbc5ac87c142765405a47f7	36.51%	Heodo
2022-03-31	KE-80042853.xlsm	xlsm	a1057f814e603d7b7ff7b711305cac0ef15e48b78499802d411424a19ee235f8	40.98%	Heodo
2022-03-31	GH-32688955.xlsm	xlsm	566c3447fd5a1b7f7f0c942d484a0185bcd747d47f9c487452dcbfed1979bd52	n/a	Heodo
2022-03-31	CV-950931885.xlsm	xlsm	9098c46a233798193c0587711f5a9be2a4aa97567db08504452748dde516053a	n/a	Heodo
2022-03-31	YPN-83428956863108.xlsm	xlsm	5035ae7fff2fb435f53d12c0e8e9a2287956b64dd8acb7bfaf9d534ba59e9839	38.10%	Heodo
2022-03-31	EU-2672222950600.xlsm	xlsm	a4e22b806505d549a037a67123efb6b397193d7d2ff28e32d8b73185438fb5ac	n/a	Heodo
2022-03-31	WX-262741792172112.xlsm	xlsm	ecfb46439586ddfd60ed5763f7b103d7487e94bf095208d8967dd838c5a68c27	n/a	Heodo
2022-03-30	TKS-171114345.xlsm	xlsm	f6d9028f6903f57570a969a97a510120fa11d93ce778cfeac61862c36d6b6bd2	38.98%	Heodo
2022-03-30	II-66148565812257.xlsm	xlsm	39bbb570609ea300f9d959dcf23f2161043c6dedc230f97e7eab2388db651831	37.10%	Heodo
2022-03-30	DKY-7880018.xlsm	xlsm	168a9aa1b5fa37a354fd6ccba71dcd29cbcd503a578504c69feb38bd84a8a691	30.65%	Heodo
2022-03-30	PQ-212019015328861.xls	xls	b154f6087e88d4cdf6449d2bef5b4a4b58a012e8d6e6cd6956f11fc9da110227	26.67%	SilentBuilder
2022-03-30	3118522893440919.xls	xls	3b7de1493be097dcb0cc89361c753b8f43f5de20b45e403c7f809ab2f7d2b03b	24.56%	SilentBuilder
2022-03-30	82072086461.xls	xls	47d56d48a9d1124c93c30fceca3e85139262e561196d7e483048f00952a1dfae	28.81%	SilentBuilder
2022-03-30	0810508003.xls	xls	ee875bfdf282dbcdf5711f1553cefe21d02aa98fff3f24f6802ad8165c34287b	n/a	Heodo
2022-03-30	8719484020531255369.xls	xls	8a6effb1430c591fa0e6e8ac6f84b1991bf8cc18f70a432ae63e6bda131914c6	n/a	Heodo
2022-03-30	90016819968222.xls	xls	7e23ee736d4dfb8a361e8867027e49d1cabadb8a99f76ee5afae043b5a4bffc4	n/a	Heodo
2022-03-30	487911146761431349.xls	xls	8186be5fa976f907436db906f0bfefaf35666e3b7e548beef7727c8206a7312a	n/a	SilentBuilder
2022-03-30	669527669143.xls	xls	ac553e92c95bea557e54d66351d2c1937f8e92b8a5864dba69bdb9299c5b01c0	n/a	SilentBuilder
2022-03-30	491388451305260.xls	xls	b77ecd5a267d2c31bae67daf05f8319cd9545fee260ea343ae5b9ed7de7835b6	23.73%	SilentBuilder
2022-03-30	00697906104130.xls	xls	28c1994bc596421a111c75b795d98b2192edc5aa92b6d1e3adcefd40bd9d0bdf	38.18%	SilentBuilder
2022-03-30	2775357684714476.xls	xls	d4cfb0c8440f63b52a9a6506210f17aa2cbdeac594081472fa3f4c8440fbbc1d	n/a	SilentBuilder
2022-03-30	83249681704398260593.xls	xls	15c3921a1259300f19a57085f37881c7348eb58ea2722c2f9228e97063e99f1a	n/a	SilentBuilder
2022-03-30	71789008707561.xls	xls	ee0751444c28714ba1f0d4228dbfcee7ee0d8fe35176d8ab8ad52fe2d0eca562	n/a	SilentBuilder
2022-03-30	953765547993509268.xls	xls	15b8f817ad756bd04cd33d34f0a4670b25afa33c7ab59f37b322284809532d05	n/a	SilentBuilder
2022-03-30	4473462023859206.xls	xls	2ed370e7b10a0832ccc6c51912b84345f0b6b1a0d19f212a86886497ec9bee8f	n/a	SilentBuilder
2022-03-30	9380280772944657028.xls	xls	9822c8d67fc1931f874b2f4e8677a6eb5492d20aa72d677e4d8309f37108668d	25.00%	SilentBuilder
2022-03-30	354086764456.xls	xls	17ecc742902925465369b5dc8bb6c8c87d9e16a1cdde0c38c3b4264f73029cd6	n/a	SilentBuilder
2022-03-30	032105865219312.xls	xls	02433320fc429e5501fe74535cacb23e587bfb89e0b364937836f6455883c8f8	n/a	SilentBuilder
2022-03-30	498491027622694507.xls	xls	e2c8f7b048b2a2cac1c45dd5eb31845be5a18c3bf585c490467731f963f9ab4c	n/a	SilentBuilder
2022-03-30	37069618715917.xls	xls	819611079dfde3e2cc9e397141523bf02a452b44c2775ad9a12edc0baf827ccb	n/a	SilentBuilder
2022-03-30	787016048061.xls	xls	fcc9433ef4577609340bc031159a9d1329e9f97cd05dc2093d12abe1857691f9	n/a	SilentBuilder
2022-03-30	38087080947557698883.xls	xls	44d5403251abf78bcc06490d12cef37dfb9c334dea049aedafa5e6a86bbfb235	n/a	SilentBuilder
2022-03-30	094440800495348.xls	xls	24ad9d3f78bea240504cbce0249b7039af63a76ace53c784675eddccc8a91de0	n/a	Heodo
2022-03-30	0989031219.xls	xls	795d1cb7302f7f2d226a7a50f9a1dfaca81c320aabc71f47113736bc0712a6a7	n/a	SilentBuilder
2022-03-30	330196718473217930.xls	xls	8e9245a7ff1bf4c43cee8e3b568af8044010cbaa655b23ea98c86a5ac18ca472	n/a	SilentBuilder
2022-03-30	82089655269884.xls	xls	3f55a18289a4defdb2b50e5314a7972d39bd0d4e7e2da0826a91f163eebe2a9c	n/a	SilentBuilder
2022-03-29	8376337934744806686.xls	xls	06b7e588b68d71fcb7b846c7d529df9b5734df14d2059bc6470b9542c9e4360c	n/a	Heodo
2022-03-29	743989172300207870.xls	xls	81258b52123bda431ad827bf686e46b3e10a0d1cc1649e9019d963f38f1fbb2c	n/a	Heodo
2022-03-29	7937427338466792.xls	xls	356debf28f657041708691922d982a91b3574f203a26a6aa11b97a07b4b94030	n/a	SilentBuilder
2022-03-29	702565156149153991.xls	xls	aad0c5e30c759ba08b8442b58511bca8e7326a68f1393e8179be0fe188651a04	n/a	Heodo
2022-03-29	14133981461012629.xls	xls	295e56484dfbaf568bf0515988c02344e0b4e7112b48f6a7e20424da35e3506b	n/a	SilentBuilder
2022-03-29	63866158915806207551.xls	xls	7afe6200950f155c027ed0e711a8400a4afdc11f99603506b75ffc757658d460	n/a	SilentBuilder
2022-03-29	0428173841824163.xls	xls	17be914f3d6a88c006b33cea5ac7e4774eb6c0c57d8ae8b3c7ad07a45d4efa81	n/a	SilentBuilder