URLhaus Database

You are currently viewing the URLhaus database entry for http://disweb.sk/lfHCegwZndgMs/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2120475
URL: http://disweb.sk/lfHCegwZndgMs/?i=1
URL Status: Offline
Host: disweb.sk
Date added: 2022-03-29 19:51:04 UTC
Last online: 2022-07-13 09:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-03-29 19:52:07 UTC to abuse{at}websupport[dot]sk)
Takedown time: 3 months, 15 days, 13 hours, 8 minutes Bad (down since 2022-07-13 09:00:57 UTC)
Tags: doc emotet epoch4 heodo SilentBuilder

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
