URLhaus Database

You are currently viewing the URLhaus database entry for http://marywangari.co.ke/OWUFCo3wEBv9_nov6xLeK/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:122487
URL:http://marywangari.co.ke/OWUFCo3wEBv9_nov6xLeK/
URL Status:Offline
Host:marywangari.co.ke
Date added:2019-02-12 13:43:20 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@Cryptolaemus1
Abuse complaint sent (?): Yes (2019-02-12 13:44:07 UTC to abuse{at}hetzner[dot]de)
Takedown time:1 day, 23 hours, 8 minutes Poor
Tags:emotet epoch2 exe heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2019-02-14G6di0vI7eFA_qT.exeexeb12e2457d79287b2c26b282aa271c8d48d2c44a7b94f15eb4ebfe9bededd15can/a
2019-02-14lPDMNN6zwlBR.exeexe37f0f36059fb52dc0d730b51ec6003e0282b31e354476cc3eff13456870406e8n/a
2019-02-14smWX2yY_o7C2r.exeexe9e1ac0e988685ea6cae11d65fc6e7c75b647e40bd87accc8bb7117ace31d4d14Virustotal results 14 / 69 (20.29)Heodo
2019-02-14bhQXOBNMVl7u.exeexecef25cecde666e868ba2c0eb34ba4e3751b1d27535d254d046efbf70778039abVirustotal results 15 / 69 (21.74)Heodo
2019-02-14DFoGW.exeexe3869620582570a1d59059620ef2d756c7d232c5ce2d9f563e9dd3f1e453d9032Virustotal results 16 / 68 (23.53)Heodo
2019-02-14ZwhEIWD6AaU_s88r2r8t5.exeexeb43d55acb4e63afc280c83765e4049aaa2de4cb64cb3bd8931b395210fd0c06dVirustotal results 16 / 70 (22.86)Heodo
2019-02-14SEZrv8zRtFyzE9ag.exeexe70fd7eb41a4c8299db3d589e9ae3e3f13b0beb9d0a3aa7d4a256ef6020bb1640Virustotal results 16 / 69 (23.19)Heodo
2019-02-14gmzRmWsUt.exeexedeaabd909eba1c0884eb8d8f51c001133d9ed02c1e1a0af433345ca7b219f4aeVirustotal results 14 / 68 (20.59)Heodo
2019-02-14QLmxD1eLL6k.exeexe52d0c979230296f4ecb625f7e3ffb2e29ae483e31b4fe3745f97db838a3a52a6Virustotal results 14 / 69 (20.29)Heodo
2019-02-13MfB_j.exeexef5355e49f9339ea52f1880a2d28409259377ff0203f205c6fcf24d8311767688Virustotal results 13 / 69 (18.84)Heodo
2019-02-13GPQJ_UQ0nKdnJ.exeexe951371e4eb84feff4bc420dee46861527abc3ce3e8c30f48c9f1230f2c400dd8n/aHeodo
2019-02-13M43n.exeexe9f4b4d9bac1de776a87d0f8aaac913a400ad1404156e25c969337c22fa218087Virustotal results 12 / 69 (17.39)
2019-02-13iCR4bpWdd.exeexe939ae62589694effb6767f7d6217db30acca561d60ac9ac589718d428333860an/aHeodo
2019-02-13gwBQc4os5J_aS2ACEG.exeexef2990a95ed74b5fb9dbb19f39efdf3ce9dd8c5da4f2819c43e28742cffe89219Virustotal results 13 / 67 (19.40)Heodo
2019-02-13VoWu9IGjkZGk_n.exeexe5e23fde7e5c00b268e534911900da319eacae2ed49823f0e5fca31b34a443c3fn/aHeodo
2019-02-13xO3h_ywhzPl1PB.exeexe2dfbc59610d2b0bf7ebb4afba043b6edf600916868cbc550e5599179f5c7092cn/aHeodo
2019-02-130swObPsZYeOWdpob_JPivizxmi.exeexe0635a0da1fc79d1edca1a55c9253430aa592f1a88d0eb06f72716e32776a0842n/aHeodo
2019-02-13NyCAEZGY_PN2fjv.exeexef9a9bfa1354af89a5709ad0882fca24d3ffffc406750bd8519ec6dac177a3ea1n/aHeodo
2019-02-13MYfw1TRvjdm.exeexe79333259cb46279c804cba748ce67ec87edc25c49935d040c1e0b121152fb054Virustotal results 16 / 68 (23.53)Heodo
2019-02-13NHhqavOXfHHi.exeexe7e643e13b09022d0235ac034fd3a314d273da53de20622150efa48212c22affeVirustotal results 17 / 68 (25.00)Heodo
2019-02-13OudBmF24.exeexe0cd9bd97fbd6106f464b34e4d8f780c1febaa465e9bc98bc6c11f1d59b5bbd2dVirustotal results 15 / 69 (21.74)Heodo
2019-02-13doglWOwcOqyCPo_BV.exeexecc08bd05669a213d07735ba2b567cc3a615e9a1bcae4c2f6baa878c560f8f0b7n/aHeodo
2019-02-12Te8YnXpK.exeexeefd9f27dc06fe39568ed2123ce4ac69c696fa62eec9e5ce60f6e5b6f4a0eac7bVirustotal results 13 / 71 (18.31)Heodo
2019-02-128k6.exeexeacdb168cd245b844646b8e4b4ee65c38a52d51d394865941bd8a58015e6839daVirustotal results 13 / 70 (18.57)Heodo
2019-02-12NQlQxtrt_vprs.exeexeacf49b22cb77721f3ed49687da0312dce984b3462f8f841ecf525c6d8519e0efVirustotal results 12 / 70 (17.14)
2019-02-12XBWnl5z5dvk4C.exeexe0c27d6dd7abfa118ce6876e0291c967572f6eed7d80f531fb3aec774f3336febn/aHeodo
2019-02-12ko10VI.exeexe916df741bdcc5ca3959ca80bd5fac2e641fa90fc9e3d143cb9bee21d44ebfb6cn/aHeodo
2019-02-12cP8651dseoHU6jK0v_oB.exeexef6ab445b28b62c857a595c2cc6df9e6e2bcf549745fb7bb860033c024ea5f516Virustotal results 12 / 69 (17.39)Heodo
2019-02-12zeOkD_hjSEmW0OL.exeexeca00129519130310b12f3edfaaa6252f26e7a38f37a22358348302e07d7d9a88Virustotal results 11 / 70 (15.71)Heodo
2019-02-12uxHiJvKog_WpA.exeexee66098188f963fe9dbd7388f8c215d534dd228f27c3047d2f26f56f2a0d28378Virustotal results 16 / 69 (23.19)Heodo
2019-02-12QkBXtKzMeaRt.exeexe51db1d1c67546f22fc8e9c8c7c681496b0b2ddde964003fe68ffdb5d67a44eaeVirustotal results 11 / 68 (16.18)
2019-02-123feWeYm5.exeexe8e6ca08bb52bc257f646cee309edea4c870fb0080cb130327da16534bcf21cf4Virustotal results 15 / 67 (22.39)Heodo
2019-02-12b5t1LGY1ho.exeexee419d4d94fcb56e38d772654e67d5c1ed1effd51fca56cedb81f05de3c941fe6Virustotal results 15 / 69 (21.74)Heodo