URLhaus Database

You are currently viewing the URLhaus database entry for http://bmh-global.myfirewall.org/EXCEL.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3657580
URL:	http://bmh-global.myfirewall.org/EXCEL.exe
URL Status:	Online (spreading malware for 1 month, 18 days, 4 hours, 17 minutes)
Host:	bmh-global.myfirewall.org
Date added:	2025-10-05 10:40:16 UTC
Threat:	Malware download
URLhaus blocklist:	Blocked
Spamhaus DBL :	Abused domain (malware)
SURBL :	Blocked
Quad9 :	Blocked
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	abus3reports
Abuse complaint sent (?):	Yes (2025-11-03 16:53:13 UTC to abuse{at}lanedo[dot]net)
Tags:	DarkTortilla QuasarRAT

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-11-18	EXCEL.exe	exe	88defe8ebf09e975d9e7891540a650f9fb598b22bf1bd11b3730e7e2da10ef03	31.88%		QuasarRAT
2025-11-13	EXCEL.exe	exe	3c70bd86849bc23186189bf40b89a9030195885a9b3d823145d9be423c5f8d15	n/a
2025-11-11	EXCEL.exe	exe	d2cb1acc04a3bb630aa70a88ee4e82df7054511ddedd52ba271ec3e0b09dce1e	n/a
2025-11-11	EXCEL.exe	exe	fd71d4540fae7d120f1a49e0588a92dd836656a7c727dd79a9601cccfc29e209	n/a		QuasarRAT
2025-11-07	EXCEL.exe	exe	0a3c4fcaf7afc62d75307a7f86840ee0616950981a4255973d47dd03f06c76f9	n/a		QuasarRAT
2025-11-06	EXCEL.exe	exe	94c3c05bbe9487c388eb3b065882fa5d80a505f4b50bcae792853140ea8fdeee	n/a		QuasarRAT
2025-11-05	EXCEL.exe	exe	c468add27578d3119695ccf860bc9a38f0f40651a791dc9d832268e104b80b7a	n/a		QuasarRAT
2025-11-03	EXCEL.exe	exe	7f5aa29089f548154858f0ff24520777a527151aa5b32d160a84192d0c378ae9	n/a		QuasarRAT
2025-10-29	EXCEL.exe	exe	c6800825cb70b74d19417198ac7997158a7f3e1fc20b4594ff2b7189f90efd34	29.17%		QuasarRAT
2025-10-27	EXCEL.exe	exe	6e906fa0e0e4abd5e00510161c36e4a14f3252a8ee5da9ebb96c18b13bd26167	36.11%		QuasarRAT
2025-10-23	EXCEL.exe	exe	ab65831e0400908f1d482004cd598b17784df2a666575ec1169654987f19b396	35.21%		QuasarRAT
2025-10-20	EXCEL.exe	exe	eee38a038e8ff309d1a47c6c54b2f6abefa3421f8d1cd3df85a453b0d270e187	45.07%		DarkTortilla
2025-10-18	EXCEL.exe	exe	52c8c7e2648677fe73a9db41f0dc668e7a09dbf464631adb5766cee77ce25daa	n/a		DarkTortilla
2025-10-15	EXCEL.exe	exe	2cebd8d87d3d6044f9ca6035515cf75eaedd87022df8fecea0da45f02f5fcb2f	n/a		DarkTortilla
2025-10-15	EXCEL.exe	exe	7e9f013fad3a04dc69002490a52573c606ed4dc938d9ccc27f5c7888fde0c8b4	37.50%		DarkTortilla
2025-10-13	EXCEL.exe	exe	14dc2355c1cf16454a7d9d85620b50146f19661ac7da488de2bc5f7e55c173f5	31.67%		DarkTortilla
2025-10-10	EXCEL.exe	exe	e760a21072e7a02b2159521a7dce9cb580aafbbaf2e4c94e897dfe0e22b72f27	59.72%		DarkTortilla
2025-10-10	EXCEL.exe	exe	c0ca98d9661d8a7851f97d65d2f8935465975480c70d3d0732b35bb05026759a	31.25%		DarkTortilla
2025-10-09	EXCEL.exe	exe	ff5ea6ec3d117eb6de357ed942409a8688765f6b3442f69908886dfe9c33b332	50.00%		DarkTortilla
2025-10-08	EXCEL.exe	exe	1c5b0980abe633b897188e78bc07101c7cd6bcff618b247bb1221d52d487b274	39.44%		DarkTortilla
2025-10-07	EXCEL.exe	exe	3cb898a4019b77f5d6cde4830d38585069695b909625fe68a95d333f7deb1547	40.85%		DarkTortilla
2025-10-05	EXCEL.exe	exe	bb137c100b1bdff7e0ec53d8c241cbb48c36053ce42b28e0bde597ee44bd6436	n/a		DarkTortilla