URLhaus Database

You are currently viewing the URLhaus database entry for http://grosh.nl/mijnsingle/A/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2122917
URL:	http://grosh.nl/mijnsingle/A/?i=1
URL Status:	Offline
Host:	grosh.nl
Date added:	2022-03-30 17:09:04 UTC
Last online:	2022-03-31 09:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-03-30 17:10:07 UTC to abuse{at}proserve[dot]nl,abuse{at}signet[dot]nl)
Takedown time:	16 hours, 9 minutes (down since 2022-03-31 09:19:36 UTC)
Tags:	doc emotet epoch4 heodo SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-03-31	UCD-3217772114959.xlsm	xlsm	894658b992050ab6d7ee061f083a48264ce56c1b4fbc5ac87c142765405a47f7	36.51%	Heodo
2022-03-31	RL-1568489547.xlsm	xlsm	fea58fae76c86e5f07c7f8b032f84174206bc489d92c49fe54a5b51d2658faf8	34.92%	Heodo
2022-03-31	PGX-39855777619.xlsm	xlsm	64c57c337892c7579a7c6d302233570e6f2450b0d0152b3b32de811347079a2a	n/a	Heodo
2022-03-31	GPV-3713454841718.xlsm	xlsm	5fe0d5c74d36af2db670ba08c72837740a66a82a2e8f0b206468474195578366	n/a	Heodo
2022-03-31	PLD-845919342570.xlsm	xlsm	4e313f9f3abefe7d2a05b2d9ce9dae1683f91278ec0ac7cff68b9f232ff656dc	n/a	Heodo
2022-03-31	PBI-96661090374.xlsm	xlsm	f88eb7101fdc0fe20190969ec3bb4651bf4f270d9a9636d6c1e1a84ae46a9cd6	37.10%	Heodo
2022-03-31	UE-8035500.xlsm	xlsm	8ffdaa8f731fe2148ad8c7dd79ce44c3dc17eadb46af64c64a76395fd0e629ac	40.00%	Heodo
2022-03-31	QW-307830464402248.xlsm	xlsm	265f4ce97b8c4a17c8f27359496edc3f97e2e6926a267fba16797dd5c6e3a70b	n/a	Heodo
2022-03-31	KX-67054982704864.xlsm	xlsm	6f7875f81192db87ffea6b495f10f68edb22a26f0cbc22b47cc1fbaf1b160cdd	n/a	Heodo
2022-03-31	GLH-763185931344.xlsm	xlsm	0c71f0ce426be3dfeacb36cfb08349362327fa6041d1669a1d2ef8b1110bfab3	n/a	Heodo
2022-03-31	AWF-7353475350.xlsm	xlsm	08e924859a3a3f17c099cca75fbb3cfd7f8cd726fa2e89fb47ff02f9687143ba	38.10%	Heodo
2022-03-30	JUD-490519386123.xlsm	xlsm	0f0f7b2909d785721bac9e084861e0e82096d63f5a895e6b4cd3c02b490dbc9a	n/a	Heodo
2022-03-30	OA-76537844920162.xlsm	xlsm	39bbb570609ea300f9d959dcf23f2161043c6dedc230f97e7eab2388db651831	37.10%	Heodo
2022-03-30	XV-02572143112219.xlsm	xlsm	96fac13010c22cdd9510ed06c70ed29257b59aa3fc3be17a9515bdcf3596aa51	33.87%	Heodo
2022-03-30	XR-76174474148017.xls	xls	2fb5d6b4684b1f180fd682f92fc346420c16376d64b8b8ec6b0564247000dc58	n/a	SilentBuilder
2022-03-30	308460736579126408.xls	xls	9adde116bf0bac725d59a9758fe3135672fcf8e2a7d30d3ae41d6df39452d54a	25.00%	SilentBuilder
2022-03-30	13024456079.xls	xls	e6816092d6eb5bec7ab8d5463c45994379e212925e29994c9a28a826b9f0ee92	26.67%	SilentBuilder
2022-03-30	81597233807306686.xls	xls	dca8eaa3af3959b306af25eed2fa0edff0e0afc2eff8303e02086f3c9e2d24aa	n/a	SilentBuilder
2022-03-30	26641131054582714.xls	xls	ca7ae0768d8ec84c9636a4287b0924f63b6c34a876d90a1db949444a9f913e9e	n/a	SilentBuilder
2022-03-30	908184046656137.xls	xls	26cd434824a47499fb86ddc7f7935decfa7dad1a9b4e3660cf17d2503a467d2d	28.81%	SilentBuilder