URLhaus Database

You are currently viewing the URLhaus database entry for http://bekx.devsrm.com/wp-content/Pb0i9V7bRkwzWSE02lEZJ2aRi/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2120527
URL:	http://bekx.devsrm.com/wp-content/Pb0i9V7bRkwzWSE02lEZJ2aRi/?i=1
URL Status:	Offline
Host:	bekx.devsrm.com
Date added:	2022-03-29 20:39:04 UTC
Last online:	2023-01-21 16:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-03-29 20:40:06 UTC to abuse{at}asmallorange[dot]com,eig-abuse{at}endurance[dot]com)
Takedown time:	9 months, 27 days, 20 hours, 3 minutes (down since 2023-01-21 16:43:14 UTC)
Tags:	doc emotet epoch4 heodo SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-03-30	21791599324936.xls	xls	2b82324426c06592a76bf7c5c8aa1dee1ce453a2735ecdb3d54a179a452bc4b9	n/a	SilentBuilder
2022-03-30	88699702600469018680.xls	xls	b0bb73b26ef4bb7bbfc7a11f9623721be84f3b00cab0c87a0a89597f79cc9be4	n/a	SilentBuilder
2022-03-30	9389900217.xls	xls	01986c3420bb1e16b56c4b6ee323e628bcdbe7c0afb96cf1d80b0c1c46f6054f	n/a	SilentBuilder
2022-03-30	1374136597670977.xls	xls	4929501cdf479939048f8d61525fa08573395607348de23b0b9326f031600e26	n/a	SilentBuilder
2022-03-30	54113171111523.xls	xls	4d53d44c975b7bc07383a80364e591a49c73956a74beea60f7c3f1bdbf748659	n/a	SilentBuilder
2022-03-30	96125777337805.xls	xls	6a3046a535a92689c6e5bc58e7a4bc8f4c0edb1646c288ae60283ec9136b1ed4	n/a	SilentBuilder
2022-03-30	544124373120943447.xls	xls	64fb06d13278cbe4fb6ab3d09eaaf56ef4f16c48d82da4f164e8b4483358be7d	n/a	SilentBuilder
2022-03-30	5350197164742583.xls	xls	4049f60f0d4b2bde89b6e0f8474744ae0eba1eab4ce2a4e33066e480db5f9105	n/a	SilentBuilder
2022-03-30	413832089290367.xls	xls	fcc9433ef4577609340bc031159a9d1329e9f97cd05dc2093d12abe1857691f9	n/a	SilentBuilder
2022-03-30	49200092076.xls	xls	32f3e722f746ac4acff3f58e739da7e4f035e631b1e425e69d4dc62e69100dc8	n/a	SilentBuilder
2022-03-30	9070514259785358.xls	xls	30ca6fe2cdcf114cf2d4aaf09ec92ff5ef2f13a9ecf72ca8a5d37195f6688aa3	n/a	SilentBuilder
2022-03-30	3815762324699720.xls	xls	39e9199a1a4f3bdec4b6df74937c1a5b178d8f55f2a9ed84a1480e5dbb2be75c	n/a	SilentBuilder
2022-03-30	31999689627528186268.xls	xls	18a5aadfb1ade6b05280001f26d457382545510248408bbf0ba6d73aecd59e1e	n/a	SilentBuilder
2022-03-30	7430297923289727.xls	xls	8bc576d7a20e6614e7b139a3ee525c37e46da65fcd2d59a8d4adf1b57354ae05	n/a	SilentBuilder
2022-03-29	65707701803036632187.xls	xls	c7e78d00cf4d1eda853fe906d22b26c5e9a03e67f2ab9f2755ee7b7fb8c54ee6	n/a	SilentBuilder
2022-03-29	13075879209226753.xls	xls	ccb548d41cebfcba2c1b04912fb4f992cca90e013536c6716e1cb2b8145b98d6	n/a	Heodo
2022-03-29	00455708345665549.xls	xls	cbcd73a418e0bf221cabd2fdbdd72a9ffb59774bc3a8a94d5a5ba7c6849a8451	21.67%	SilentBuilder
2022-03-29	5526567636310589928.xls	xls	d8771461e364a331ffde01dbd3e64c5e2550e47ae04569f9e31bf14a77ce2bf3	n/a	SilentBuilder
2022-03-29	3727712421377334.xls	xls	7bf1dc8f35c99f9d3a1d337a70482f7818a82fc80d4e3b9476471b52e5b3604f	n/a	Heodo