URLhaus Database

You are currently viewing the URLhaus database entry for http://globemerchant.com/platinumcannonshipwreck/iqeCvCc5BcWU6YsraYSIorZuPU0AG/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2122983
URL:	http://globemerchant.com/platinumcannonshipwreck/iqeCvCc5BcWU6YsraYSIorZuPU0AG/?i=1
URL Status:	Offline
Host:	globemerchant.com
Date added:	2022-03-30 18:01:05 UTC
Last online:	2022-03-31 06:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-03-30 18:02:06 UTC to abuse{at}privatesystems[dot]net)
Takedown time:	12 hours, 45 minutes (down since 2022-03-31 06:47:54 UTC)
Tags:	doc emotet epoch4 heodo SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-03-31	OWS-5319558.xlsm	xlsm	9348419acaaa7a82adb28cd968f8b10b980dcfe9622044ff9a7a0383921a3c5f	n/a	Heodo
2022-03-31	CRK-70776641.xlsm	xlsm	a099f9c9c8eff7049da288a1205f1c0ccd52a4954930cabdd7a00dafbe8bbe6d	38.10%	Heodo
2022-03-31	AJ-192948169740341.xlsm	xlsm	f88eb7101fdc0fe20190969ec3bb4651bf4f270d9a9636d6c1e1a84ae46a9cd6	37.10%	Heodo
2022-03-31	ZT-3679295.xlsm	xlsm	bb415157a1b9bbe60b44a718eaed436370f6a07df786986c3adde6f5f22c12fe	39.68%	Heodo
2022-03-31	EO-25134285111.xlsm	xlsm	265f4ce97b8c4a17c8f27359496edc3f97e2e6926a267fba16797dd5c6e3a70b	40.98%	Heodo
2022-03-31	WV-24491853583192.xlsm	xlsm	52939ecf287fe6bf3435960c423bf17f7ea8452f102024e9aca86cf806fdd533	n/a	Heodo
2022-03-31	EBA-961719538041370.xlsm	xlsm	70c7353a1e172d428b42bed59b7ddb9a6d1b60c368ec7ae5eb64c0eeed368080	43.55%	Heodo
2022-03-31	RJS-0840255132708.xlsm	xlsm	08e924859a3a3f17c099cca75fbb3cfd7f8cd726fa2e89fb47ff02f9687143ba	38.10%	Heodo
2022-03-30	ZL-83540138635.xlsm	xlsm	4de0ee96907c9c431a85d1a6b259851537ab1e75656a55ec2f03b2d8d06326b5	n/a	Heodo
2022-03-30	WWT-2041764168763.xlsm	xlsm	ae3937925f18c7db77b2fd19394cb114cb460741dfa2b7c5bd10de9c5c2e35fd	33.87%	Heodo
2022-03-30	HX-591375656.xlsm	xlsm	42c504a0fee5cb3e3033b4f6d596ce78f3f3c1118dc4cdfddf0b54715c66117c	32.79%	Heodo
2022-03-30	RZL-455167553481.xls	xls	403c28ce1df56f185d0824575299bea20d7d1738e6a9688c551d039b6d1aaea2	n/a	Heodo
2022-03-30	OOR-0593063.xls	xls	31ad327541ee0627096151e901dee22241e584b78b52c17eee5a1c40a6f25490	n/a	SilentBuilder
2022-03-30	0077471123805904889.xls	xls	c5aa33328fbc3163dcfc8a8cef48a34c942b17dacc723f3dddea41ec4896db52	n/a	SilentBuilder
2022-03-30	45150419231570089.xls	xls	6bc82ca44f9547143dd0946b0a5eb849e09e743565f3731328c94506ba8edb7a	n/a	SilentBuilder
2022-03-30	38638091910.xls	xls	75d1a3270a08f5dd1a0e2696f52fc44ad9f2ef87bbfabf1393535699a22574e6	n/a	Heodo