URLhaus Database

You are currently viewing the URLhaus database entry for https://bitmovil.mx/css/EsPtxFjbTTLe8hebj7HPu8RJ1HtcEt/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2120525
URL: https://bitmovil.mx/css/EsPtxFjbTTLe8hebj7HPu8RJ1HtcEt/?i=1
URL Status: Offline
Host: bitmovil.mx
Date added: 2022-03-29 20:35:05 UTC
Last online: 2022-04-05 18:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-03-29 20:36:07 UTC to abuse{at}bluehost[dot]com)
Takedown time: 6 days, 21 hours, 26 minutes Bad (down since 2022-04-05 18:02:59 UTC)
Tags: doc, emotet, epoch4, heodo, SilentBuilder

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
