URLhaus Database

You are currently viewing the URLhaus database entry for http://lib.e-hon.info/wp/wp-admin/css/colors/blue/GKPIK.zip which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	149558
URL:	http://lib.e-hon.info/wp/wp-admin/css/colors/blue/GKPIK.zip
URL Status:	Offline
Host:	lib.e-hon.info
Date added:	2019-03-01 07:28:22 UTC
Last online:	2019-03-14 10:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Anonymous
Abuse complaint sent (?):	Yes (2019-03-01 07:30:09 UTC to hostmaster{at}nic[dot]ad[dot]jp)
Takedown time:	13 days, 2 hours, 41 minutes (down since 2019-03-14 10:11:55 UTC)
Tags:	js Ransomware RUS Troldesh zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT
2019-03-02	n/a	zip	fedc08db9a2b0a5a083018723cb8c1799978f0f59bc54706ecea4cbff61b7395	n/a
2019-03-02	n/a	zip	30a912863a4a25455c82becf5e68535a155c7bfb11cd9eda1628a851b3e81d4b	n/a
2019-03-02	n/a	zip	218f7427f5bceb4a8abb10c802f1dd50ad364eeac29a2a145a2a6801884c0b81	n/a
2019-03-02	n/a	zip	49aa3e773b4dedd13011918f110ccc5093e42215c942ff7b141e517ac6cf7894	n/a
2019-03-02	n/a	zip	006dd8d9786cbfa3e63a70457cf424f679c4eb7990420cb36d18abd7f0a31d50	n/a
2019-03-02	n/a	zip	b5a8cd1e6ceceb72af3bb2d18c6152fd2d99eec63f74a8dd51149199bdf95437	n/a
2019-03-01	n/a	zip	194c6d0eca94ab809f27f22def1784f85afd3af8036ccdd87c1fec5445d3533e	n/a
2019-03-01	n/a	zip	722c0ae981c7f44fca879bbe275f973634538fda48c809162aa31acd80e22604	n/a
2019-03-01	n/a	zip	6402f729c712cd69ec5ac2783d60137e7d7162a4d90e84ca21d5a674baa7a92a	n/a
2019-03-01	n/a	zip	0a41adf21d900e5cf43e1781e730c2e90a01dc5237faf5b908091e22f810214a	n/a
2019-03-01	n/a	zip	ab57c415a28868dd7fd1b9995b040fb0a7068905fde236e213a9b5c0cc731899	n/a
2019-03-01	n/a	zip	fa2395f047f1bd1396c480055ff0614f0c5dd3ee62d04a9b814972fd77e7bce2	n/a
2019-03-01	n/a	zip	90423c4992976f51cc5de7c85bfb266c7cde4f087e43abc094f78b807fa6cd3d	n/a
2019-03-01	n/a	zip	40e5ffaa56d704f04128b4d186ad788e411bc3eb45f0a514cff4079b2608261b	n/a
2019-03-01	n/a	zip	14e32d23344a2a1bf2fb0dacf904655a4ae26be51d382a31afd028302b65371e	n/a
2019-03-01	n/a	zip	96562aa65f6c20288d4e109680d1218c2b774d65d3ae75dded047aaf48eaeeb2	n/a
2019-03-01	n/a	zip	c863ee3dba45d19bc01b641c28c78377bd0b96287f07c8d89f546a49c74341c2	n/a
2019-03-01	n/a	zip	c358637981f0f0e3dcd8f9a593e605c08d61d5f79a66c2de03b1d2fdf1c68350	n/a
2019-03-01	n/a	zip	47dfc05a77294a1b7a4e0792d2efb460d19043d43e79f704292537377d01294b	n/a
2019-03-01	n/a	zip	0e5744812afcd5d374ef02b9e731f2c8987dd29fead51079db618fb8b12ae79f	n/a
2019-03-01	n/a	zip	eb3623496fdd271e84e4a2bb36e40b5f2d26e1780218ed0e942d421cb98920b2	n/a
2019-03-01	n/a	zip	f7764b19bc4d2014463dccb4ee8f61a72db3ae10241ff0ad6c66b500fbec2dcf	n/a
2019-03-01	n/a	zip	94f02e6fed567a3c1bba0cbe56b748c60c6f8478de48416670a8c3ff0228cde4	25.86%
2019-03-01	n/a	zip	95b558fe1916917cf9e1a2c671af9ebbbc55c7fe3c81bc8b9687bc7d95199438	n/a
2019-03-01	n/a	zip	1034beaaca6879e4c214f3eb588c59a380b48ade7bdb3e70ff00151ecd665fa7	n/a
2019-03-01	n/a	zip	a36a47a94cf5a1e3f2758150652224a925832604d5e3f02858f718924435c7c5	n/a
2019-03-01	n/a	zip	ce00031b75003f84a7dd308f91483e198e5666171776f0673445656f730fbcf0	n/a