URLhaus Database

You are currently viewing the URLhaus database entry for http://redlk.com/tqpjo/Scan/UftRuaEmi2h/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:184801
URL: http://redlk.com/tqpjo/Scan/UftRuaEmi2h/
URL Status:flame Online (spreading malware for 7 years, 2 months, 9 days, 2 hours, 23 minutes)
Host: redlk.com
Date added:2019-04-25 16:58:04 UTC
Threat:Malware download Malware download
URLhaus blocklist:Blocked
Spamhaus DBL :Abused domain (malware)
SURBL :Blocked
Quad9 :Blocked
AdGuard :Blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Blocked
DNS4EU :Not blocked
Reporter: spamhaus
Abuse complaint sent (?): Yes (2025-08-12 06:30:12 UTC to abuse{at}cloudflare[dot]com)
Tags:emotet link heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-06-02d868fd73f13b2a89e732c3d7b3da1a085cc0d00c4d3cd7bebc54ddbc66eacf01.jsonjson d868fd73f13b2a89e732c3d7b3da1a085cc0d00c4d3cd7bebc54ddbc66eacf01n/a 
2019-04-26DOC_37641280498US_Apr_26_2019.docdoc 8065d2137332893c6e189b09a0e6b480e2f2955e827e0b67e4418e6a268da467Virustotal results 32.26% Heodo
2019-04-26FILE_439395613508US_Apr_26_2019.docdoc 7a6a2c210aefa9f680207555c2b909616b54e3999945d22a47241c2987debd7bn/a Heodo
2019-04-26INC_405049487571US_Apr_26_2019.docdoc 3dbb4ca641797b6f3729fbd6512e83b47426b4a20d6b490d81100dcd6786d15eVirustotal results 32.79% Heodo
2019-04-26LLC_0412907020US_Apr_26_2019.docdoc 85986ff033d06fc7f8b1eaff949a4ad970240c2a64bada0f041756bcbf184bb4Virustotal results 35.59% 
2019-04-25LLC_9539809927US_Apr_26_2019.docdoc 023da94a6a1283b26662c3583780102af5205108cb647b2ef546a4a8e5b9aa9fVirustotal results 32.79% Heodo
2019-04-25LLC_71093424455US_Apr_26_2019.docdoc 4f4e11330d4a08dc6efb1ea46d5a662e9f538b86664ffe3d721e5294ceb7d430Virustotal results 30.51% Heodo
2019-04-25LLC_4655243110US_Apr_26_2019.docdoc 2d4c029c63ed1ca1131a3ddda7fd4e66078676407a476a00ccd09d2a85c8079bn/a Heodo
2019-04-25INC_0660701763US_Apr_25_2019.docdoc df0fb247a70c89c6562901405d16cc4d36f5052d95ecedc5b9ed5185a0125f91Virustotal results 27.42% Heodo
2019-04-25FILE_31335678413US_Apr_25_2019.docdoc a11052d85933b9ebe77b92056e6efbd89393fecb51e3f0fd80a4cfa946cdb7d5Virustotal results 27.87% 
2019-04-25SCAN_582679821756US_Apr_25_2019.docdoc c10e6f58b4c3cef4ec5fc1bdb39d5d879c7a9c62e261bb47a74dff8c0d20118dVirustotal results 27.42% Heodo
2019-04-25DOC_5006022602US_Apr_25_2019.docdoc 4c1f0a189477f1330c20a8a8869317569be3d5d87d018263babf560c454bc7efVirustotal results 27.87% Heodo
2019-04-25SCAN_5421991074US_Apr_25_2019.docdoc 6e63ea61f944615450899ffdd9a9444c1051c7a66f3e5a089c4a6ed2da6e6ff1Virustotal results 29.51% Heodo
2019-04-25LLC_2588530962US_Apr_25_2019.zipzip 801da746f13cacbbfd2845ea24193c44c93d09d0fbca4c964af031db7b7647f1n/a 
2019-04-25Document_791957147737US_Apr_25_2019.zipzip e43862a409f891eeb4b60f5fd39799a5b7cdaff292190112676d682a1e2c62adn/a