URLhaus Database

You are currently viewing the URLhaus database entry for http://lawfirm.paperbirdtech.com/wash.php which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:1602778
URL: http://lawfirm.paperbirdtech.com/wash.php
URL Status:flame Online (spreading malware for 4 years, 10 months, 13 days, 3 hours, 13 minutes)
Host: lawfirm.paperbirdtech.com
Date added:2021-09-08 15:06:04 UTC
Threat:Malware download Malware download
URLhaus blocklist:Blocked
Spamhaus DBL :Abused domain (malware)
SURBL :Not blocked
Quad9 :Blocked
AdGuard :Blocked
Cloudflare :Blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2026-04-09 13:47:11 UTC to abuse{at}ipxo[dot]com,report{at}abuseradar[dot]com)
Tags:doc hancitor link html

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2026-06-26wash.phphtml 4e5992f6cc4a79056b1eb353e670b48b79b27f9dcc23092f5e8e044f4fce75b2n/a 
2026-06-26wash.phphtml 18209feb85185fa644aa4bf9aeb0bc5bf4246f4b741305e7dc5962bb46c547b1n/a 
2026-06-25wash.phphtml 5bbd7a0c4874e1dd4488733028c61eb7394ca7966ee10031f3c280c4e7740799n/a 
2026-06-21wash.phphtml 0d54e17a323c886b636fe7129ced771f353a74625f9edd8814995bf5efd3333bn/a 
2026-06-20wash.phphtml 99424e1ce92c1c06e2d088003270cd577d8feeb69f90d1e639a002d2c62c3655n/a 
2026-06-18wash.phphtml e3e07ec333eef44ae6a56edba987e7ec821076593fa2e21eb6ec3662e3eefbe4n/a 
2026-06-16wash.phphtml 35d99d476a8f48ddaa766ff72c1ecb1a3ea051c26ebb93a76a62f2028526113en/a 
2026-06-15wash.phphtml 8e40a1d2f54d0d4f0bb73094584c53e4793ddc7213e53908525f78bbaba188cdn/a 
2026-06-11wash.phphtml 7c34d433229fdd72be72ea31397e66f4079e2bf6f7fc2e7421873170f9f7a893n/a 
2026-06-11wash.phphtml 75dafb228cd0b62dcd0aa750c554153c4cf273a84c6bff728e36b8c8128a3ccfn/a 
2026-06-05wash.phphtml 8a34d8c9edc5e0094b1d53b1d12f63425ad52d5429d0fcd496c57c13a7090d7fn/a 
2026-06-02wash.phphtml 72759cf464db76f8e892088499f5cdf6e02ec8013a9d4fdc05584b1855b5b531n/a 
2026-06-01wash.phphtml d0c50a9c32d9b2b88dfc2f56ff0ddc345b641b8eb66868160310e6a41455decfn/a 
2026-05-27wash.phphtml 461e26718029aa65fd50fd748da492930e717ac5871586d9041534382b7af94cn/a 
2026-05-22wash.phphtml 9717a8f5c0bcd008e9431e92528c2b56d7c8ab53b6552bb3145a16b2d6b9fb4an/a 
2026-05-18wash.phphtml 81676931fac9e6b29eb2f74bd4f361459ff31c388937d844e94134274bd8cec3n/a 
2026-05-15wash.phphtml 8b183c6680735a6f66f81b537df2b11c714dcbc4fb24a579760dbe91fa98ed1an/a 
2026-05-12wash.phphtml 251fd86a516977106cf305e68c8104eeb836c52567d0a5708d21166873b956dcn/a 
2026-05-11wash.phphtml 63488d84c7fd3337354c6a42fd21edf7b4263c6fab3d1f92fb8d91a974c1f3fan/a 
2026-04-09wash.phphtml 62e1afaa0557c0e9db644b8f5aee18738559785d365a0e091af06bd5705918a8n/a