URLhaus Database

You are currently viewing the URLhaus database entry for https://group-celit.com/img/bqLL1uiRPRIsjGd5uM7/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2122866
URL: https://group-celit.com/img/bqLL1uiRPRIsjGd5uM7/?i=1
URL Status: Offline
Host: group-celit.com
Date added: 2022-03-30 16:46:10 UTC
Last online: 2022-04-08 12:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-03-30 16:47:06 UTC to abuse{at}gigared[dot]com[dot]ar,abuse{at}gblx[dot]net,abuse{at}gigared[dot]com[dot]ar)
Takedown time: 8 days, 20 hours, 0 minutes Bad (down since 2022-04-08 12:47:10 UTC)
Tags: doc emotet link epoch4 heodo link SilentBuilder

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
