URLhaus Database

You are currently viewing the URLhaus database entry for http://tampaseo.com/wp-content/themes/inceptivetheme/plugins/dropdown/css/GKPIK.zip which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	149567
URL:	http://tampaseo.com/wp-content/themes/inceptivetheme/plugins/dropdown/css/GKPIK.zip
URL Status:	Offline
Host:	tampaseo.com
Date added:	2019-03-01 07:28:44 UTC
Last online:	2019-04-14 15:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Not blocked
Reporter:	Anonymous
Abuse complaint sent (?):	Yes (2019-03-01 07:30:21 UTC to abuse{at}liquidweb[dot]com)
Takedown time:	1 month, 14 days, 8 hours, 20 minutes (down since 2019-04-14 15:51:19 UTC)
Tags:	js Ransomware RUS Troldesh zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT
2019-03-02	n/a	zip	5708f77943861fcf34a1bd91cc6a1c31d75a5f928434cb1f42a3554c96b5f2aa	37.04%
2019-03-02	n/a	zip	f77dee0ac9bc0e4f698b5c65a8eea3f00ce6e84ef760a5866a43a55d5f19f65f	n/a
2019-03-02	n/a	zip	ee8f40e01fe5657aacaadd7111b03b032358700bd4ba5fa1a2b9aa625aa796b3	n/a
2019-03-02	n/a	zip	8ad85833908650305ffe80feb188624444866b418cb280d9fd1307a0766a8176	n/a
2019-03-02	n/a	zip	dc65d49355903e7cf69138b426b59b1629cd6a6490a02588ed8dca57e118cb2b	n/a
2019-03-02	n/a	zip	f324f9089f8ff471079d87fef1d3d1d0df4c1ca50dbe393f0f0608d756c59ab3	n/a
2019-03-01	n/a	zip	1ac512731ea82db144b4936f41572b1ff780bdd700607d4307c2b25729f91313	n/a
2019-03-01	n/a	zip	c72ffcfa0cf4d698934b1af205224fc84a9e18c13db5464a66bfc5f0d2b627d6	n/a
2019-03-01	n/a	zip	223f401d327c31702bdb243e1a30c2c279616bee80c32053b081622bab19fcf3	n/a
2019-03-01	n/a	zip	85d8974e50704853af42a608058c6181d1b47c5ecefdbfd1686eb03eb9827f97	n/a
2019-03-01	n/a	zip	7715b9876b648a972d850931c4038057c818dbd24e966826e01dc9bd480d0145	n/a
2019-03-01	n/a	zip	75017d22ff5def971cfe244b694a24afc342e10e86f79457262fed69effe3b24	n/a
2019-03-01	n/a	zip	f1cc268eef485bafe47af63a7910f1f6632ba3055c779817a88ae910b7e5ab81	n/a
2019-03-01	n/a	zip	fffa723961a100fd81c5b17410b50e03468960fdffda642dd52283257babc956	n/a
2019-03-01	n/a	zip	8e3095270ca996aa633ffc050275be7343b5e29c2798cd8a2157a4fcb09de9fd	n/a
2019-03-01	n/a	zip	3c8ad15fa19edfd0501d2c2525c0156cbb52f2c49b19edc6f2f93c88f0985ca7	n/a
2019-03-01	n/a	zip	fbad20ef0861f49e93dcc182e54433a4c6b98a8e72adc1eea41c9b56a5f792d7	n/a
2019-03-01	n/a	zip	2458edc5fb064f7df2d484f20543492ea70766816f6c23fee1ec44dff659875f	n/a
2019-03-01	n/a	zip	deea08b7a65f9a3db1feabf1319397d26d02f092679c42719642b3af73e2535f	n/a
2019-03-01	n/a	zip	1bfbda06a13cab24544e44e4cca117859c889bcf02e46aad89b01a82b8f26b10	n/a
2019-03-01	n/a	zip	4183b3604f4333e140adcc4328aa140a4088fc0f647d26c36b380e6f173b65b0	n/a
2019-03-01	n/a	zip	f772e2ba1de3cb8c341bfc02501e78f4c5fd444c3ee217e674198ae5ed033b8b	n/a
2019-03-01	n/a	zip	c9d50ce7cc1ae8340ae5beda92643dcc4aed2910c76a7c7366666b17819029bb	n/a
2019-03-01	n/a	zip	bb162ec265256f57dded06cac882e656300b5bc322a4b43cb67124320a035920	n/a
2019-03-01	n/a	zip	4d410bd792b001929c7e901b903059f1ef45fe91c3f8e6683413593be162d4d8	20.37%
2019-03-01	n/a	zip	9990538869e6e62cbb08dd1afc6d24d072f775a5f701960011923c3f224cdbfc	n/a
2019-03-01	n/a	zip	90144d137064cb9a3d0f85322f1a110d4712b18cb71aea9a0c40ac338f8c1703	n/a