URLhaus Database

You are currently viewing the URLhaus database entry for http://okuru.e-hon.info/wp/wp-admin/css/colors/blue/GKPIK.zip which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	149562
URL:	http://okuru.e-hon.info/wp/wp-admin/css/colors/blue/GKPIK.zip
URL Status:	Offline
Host:	okuru.e-hon.info
Date added:	2019-03-01 07:28:31 UTC
Last online:	2019-03-06 10:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Anonymous
Abuse complaint sent (?):	Yes (2019-03-01 07:30:09 UTC to hostmaster{at}nic[dot]ad[dot]jp)
Takedown time:	5 days, 2 hours, 38 minutes (down since 2019-03-06 10:09:05 UTC)
Tags:	js Ransomware RUS Troldesh zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT
2019-03-02	n/a	zip	998c23b389da7808d14ff33af8a4456f82decae0a2640c0495870dbbe4385058	n/a
2019-03-02	n/a	zip	24394f7e40f4dded1f202a622f1091cbec485e11452b5396287ea71df881809d	n/a
2019-03-02	n/a	zip	06475610670034a5d7c5b8d649ad255bcc3278046556dd9fcd6bef554b430027	n/a
2019-03-02	n/a	zip	b7f228679d44ecfbe18c5de56378a601747b3dda2a52c8518b8bf3fe7f10e692	n/a
2019-03-02	n/a	zip	47ea2fc23519aebd887e1bac2d6303f0419d623d554fb72b8656b193e244e06e	n/a
2019-03-02	n/a	zip	625851c8b774e01f23b6d938419c3aaca0635c9c204b39dd710f4f3ab53098a3	n/a
2019-03-01	n/a	zip	0f0ef84654a2f3fab1224ddd24e0ae6e8345adba0e0a041cca27b7db288d6e7c	n/a
2019-03-01	n/a	zip	9b0e08a069c0ac4bab18db2708f793921e9a4ed814891ad8f8c34bd880ba5f63	n/a
2019-03-01	n/a	zip	0be96a3638dfa7885990e9010eebf1e41f9bf513d7153dae9b7e2c9b4b84f256	n/a
2019-03-01	n/a	zip	0a41adf21d900e5cf43e1781e730c2e90a01dc5237faf5b908091e22f810214a	n/a
2019-03-01	n/a	zip	098d6877325b4dbc1606a49a194c24edf7ae274c32b184b33c1dfe38f181d3e1	n/a
2019-03-01	n/a	zip	ddd2f120aef08d92dad8c592f55260db3536bdff97f3ffb1bbbf1eae2883202b	n/a
2019-03-01	n/a	zip	6ab9bbdb864733fda9199014f662d93d9161d99c382aea19065c04a99fa43cd2	n/a
2019-03-01	n/a	zip	3bf0f1465e6e32b26b7edfdbcbc81770d345faf9798ccc5feec17773bd2862d8	n/a
2019-03-01	n/a	zip	ee8913429a5c8a3b889e3b0ab6368bd94cef600af7caa1fcbfde37705d5be822	n/a
2019-03-01	n/a	zip	ab795279ed9624d275797195800edb409bf606c3985b842809c7cff389817e8e	n/a
2019-03-01	n/a	zip	ed7f2ab4789498035b84e36584da2d20bed4dfc0e05df5118c85dbe1159da92c	n/a
2019-03-01	n/a	zip	0bd9c6ba43fa0c28ebbaaf51ce3cee719ae40dcb12203f43b40465fc06168ed3	n/a
2019-03-01	n/a	zip	66e04592e74f279f20a054d6be54f85f66ec33f97afac34e3a2e052b6d689c80	24.53%
2019-03-01	n/a	zip	d2b90fdeebcc208af321fe478b42320ba6da2e91297aa9f3ea2bdc2d92568a71	n/a
2019-03-01	n/a	zip	5121a20ed3a19b0173a808f51edbb01af52b8823cfc7a7c814f0709cdd33a114	n/a
2019-03-01	n/a	zip	289ef18f212e84dc484b6406d5c3ab008d2a337270061c5651a5dbae8c12e669	n/a
2019-03-01	n/a	zip	0085ba999ad0eba3f42048cf2f986b321ede46a63f781a93f516cfa29796446e	n/a
2019-03-01	n/a	zip	b4a43dcd53b6a74bd8bce67c0d2b7e49cec2f4fa074a24ee046da9d3d0a3e51b	n/a
2019-03-01	n/a	zip	7aeb59fe1fe335ae55dade5f4b04378a137bc065deb9501690fd36cf6be54fbb	18.87%
2019-03-01	n/a	zip	304985d0eb356a45922beac9bdd91ed98ed51bfdb3933e782a5a35b1891a239e	n/a
2019-03-01	n/a	zip	d375dcefc68278cb0cdb0d616d9cf814632dfd747f0e6f7a5a35525f7d3b8d3e	n/a