URLhaus Database

You are currently viewing the URLhaus database entry for http://jthlzphth.ga/wp-content/secure.accounts.resourses.net/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:170710
URL: http://jthlzphth.ga/wp-content/secure.accounts.resourses.net/
URL Status:Offline
Host: jthlzphth.ga
Date added:2019-04-03 12:41:06 UTC
Last online:2019-04-05 03:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Blocked
Cloudflare :Blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Blocked
DNS4EU :Blocked
Reporter: spamhaus
Abuse complaint sent (?): Yes (2019-04-03 12:42:02 UTC to abuse{at}cloudflare[dot]com)
Takedown time:1 day, 14 hours, 45 minutes Poor (down since 2019-04-05 03:27:55 UTC)
Tags:emotet link heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2019-04-042019_04___YBCM996739691895891998___62127492454870.zipzip d10e0c82af3f1c336ae289e3813484184c00be60f31791f650beb573dece6304n/a 
2019-04-042019_04___RECH_0167736135___1209152111986734.zipzip e4291ada59f18a38e5954de1e97cb7cac7d81f57d608eaca569119bf28aa0632n/a 
2019-04-042019_04___REC_21829913339562___847018084034673.zipzip 1c8a77e901840de5c285d487cd131374c180bf42879b175cc21de78fb98a2dc7n/a 
2019-04-042019_04___YJXDW4072956973262902133___00920601047596495.zipzip a11a9db56fbd8d4f97e1f1e50e7a0a7693b639870fc37259efdc44fd7eb39af1n/a 
2019-04-042019_04___PAY_2495874516280___9091308879.zipzip 670005962bc71479591fa478f786b954c800c0edda1bbd05354099713eac4c6an/a 
2019-04-042019_04___PAY_963913807___486098379527543058.zipzip 7a41482cd7390c96931fdaa62ddde13c25056eb9a1faf0974cf64785045b107dn/a 
2019-04-042019_04___BIZ_5604641372___9337825003529.zipzip d4e6084c4000272ae8ee957f0c4b40c65add078f52ce353a015cfc1ad8bb7890n/a 
2019-04-042019_04___RECH_7306264169955629905___388594264.zipzip 9626c3e4e4c038976c31408f0166eb79a4c846bea2df08949d80067fbdfc5712n/a 
2019-04-042019_04___D322421460951327695___0701362661429705.zipzip 072a79dd34312051f3246e1ec815dd5f3f23316d142f6c4dd265a260c1da6974n/a 
2019-04-042019_04___ULU1797123697713___442337516225.zipzip 78a09f6316e6eecd5d57d3ebc3d4ff6a68c1497fd63a77e1071c37103e48de90n/a 
2019-04-042019_04___ACC_25760584588306___7845920814488393.zipzip f6a186e47ac6372b7df4a993599c8581a905684753b883474a42707916443557n/a 
2019-04-042019_04___INSTR_958591169704___72132065803775.zipzip a91da911421fbe08245bb0cd258d6c74432e5dc13e636ce1c45821d5b4bedfa4n/a 
2019-04-042019_04___RECH_1032530944609757___885915546289.zipzip c723fc5ba071004e11b6175f410c0640b04f713aabcef3b01f0b6b93b36c2445n/a 
2019-04-042019_04___ACC_92366317229___9988404336564.zipzip 14bded0e7b4f0e66771df34b6b43a5d410ab0821c77d8a820be2ec274bd607ecn/a 
2019-04-032019_04___DOCS_11939821947___80298725668.zipzip 46f82db4228c497a60cf961dca19b58f9d8c46473b0b0828020dce1e1e74d2a4n/a 
2019-04-032019_04___RECH_8766127793919___0278243751785960722.zipzip e7f531ad61f69daefca9c499a5c6a05d84a7a498a361a49d9cdf70a1ff3bf2ecn/a 
2019-04-032019_04___ACC_2939253558050181___6296158367340125.jsjs ffbe73591031973cb52f6950ed61b168a0f0bda69f004db08846dfc1bd1d1920Virustotal results 12.50% Heodo
2019-04-032019_04___BIZ_8941921201792908___1549313352648561.docdoc e340bbfe29b2651d4b6f0687ab21f884edece939008227d506bf4f27d07b395eVirustotal results 24.14%Heodo
2019-04-032019_04___E617869200896242992___1281233218854384497.docdoc 03db2b41ffd92d49ab707fe10425202440d4444618763cbd14ebb0ddaf877516Virustotal results 22.95% Heodo
2019-04-032019_04___DOCS_4306366271304___91744641809470706.docdoc 2d6ae248c1a0cd20728d4463c2fc0c932a028f0b04c73a833f39c5758c5278b0Virustotal results 24.56% Heodo