URLhaus Database

You are currently viewing the URLhaus database entry for http://hhind.co.kr/intra/hhm.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:121066
URL: http://hhind.co.kr/intra/hhm.exe
URL Status:flame Online
Host: hhind.co.kr
Date added:2019-02-10 12:42:11 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Abused domain (malware) link
SURBL:Not listed
Reporter:@zbetcheckin
Abuse complaint sent (?): Yes (2019-02-10 12:44:02 UTC to ip-adm{at}skbroadband[dot]com)
Tags:exe

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2019-06-27n/aexe 2c018364f1e3534ffe59e4291bae0e354dbead39b80c13cfbca7eb619a340c38n/a
2019-06-27n/aexe c96922f86d6e228f881ba9fe495d0d4680226546a194700b5725e22927760094n/a
2019-06-12n/aexe 30e82059237dc89dbfe80ee65f8c350a0b365023d0d5d0407e9b63e0bda08a70n/a
2019-05-02n/aexe e11fef02eaf236591ecf61fbd936394c91ab6a212c239b53821088682cb49537n/a
2019-02-20n/aexe 4f4b21ca1867db44319da8a743ea9fd7b5b517ec802e300ccba256b445478c98n/a
2019-02-10n/aexe 3802928c13363305dbedeb53c3475486f21bec26029c70462ccee3fab5a9092cVirustotal results 51.43%