URLhaus Database

You are currently viewing the URLhaus database entry for http://www.mahakur.afstudio.web.id/joawk2j34/nu8dFZiu/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 120216
URL: http://www.mahakur.afstudio.web.id/joawk2j34/nu8dFZiu/
URL Status: Offline
Host: www.mahakur.afstudio.web.id
Date added: 2019-02-08 14:27:11 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @Cryptolaemus1
Abuse complaint sent: Yes (2019-02-08 14:28:02 UTC to abuse{at}idnic[dot]net)
Takedown time: 4 days, 3 hours, 59 minutes (Bad)
Tags: emotet link epoch2 exe heodo link

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
