URLhaus Database

You are currently viewing the URLhaus database entry for http://www.mortalityreview.net/wp-includes/GX/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 178126
URL: http://www.mortalityreview.net/wp-includes/GX/
URL Status: Offline
Host: www.mortalityreview.net
Date added: 2019-04-15 21:50:35 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @Cryptolaemus1
Abuse complaint sent: Yes (2019-04-15 21:52:08 UTC to abuse{at}bluehost[dot]com)
Takedown time: 8 hours, 44 minutes (Good)
Tags: emotet, epoch1, exe, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
