URLhaus Database

You are currently viewing the URLhaus database entry for http://tomasoleksak.com/wp-includes/zm2ga7ha2l_5q8wl-2798/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	196874
URL:	http://tomasoleksak.com/wp-includes/zm2ga7ha2l_5q8wl-2798/
URL Status:	Offline
Host:	tomasoleksak.com
Date added:	2019-05-15 21:20:13 UTC
Last online:	2019-05-22 10:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	p5yb34m
Abuse complaint sent (?):	Yes (2019-05-15 21:22:14 UTC to abuse{at}websupport[dot]sk)
Takedown time:	6 days, 12 hours, 38 minutes (down since 2019-05-22 10:00:55 UTC)
Tags:	emotet epoch2 exe heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2019-05-17	l00ltqx_8469.exe	exe	48ebd06305d102461a3f3028734536b8b631b88685ac819509b17036520ab378	27.14%	Heodo
2019-05-17	ri7immx0v_0421760988.exe	exe	b67a225f8f16872c2bd1783d3a3987f5914224596e4be00fe2023bd65c074c8a	32.39%	Heodo
2019-05-17	94vvtq6_2.exe	exe	6dbfcdafa6bbdcad57f7fecb66ac35b425dd37040cf6f019f02e08d8322ba9a0	34.72%	Heodo
2019-05-17	4uc6t_6888661.exe	exe	415342ef18bc4ee2d492937886fcb388c2fca0e7ec3b82ab710b1e44a6078783	33.33%	Heodo
2019-05-17	xmy8gd_0442921083.exe	exe	5003644186b5b4432496b335655c5efdb873d1b5d01abde1dd0515492225f01a	45.31%	Heodo
2019-05-17	6zlux8gvf_33695.exe	exe	628d94a3edf66fcac9e13e9fb8077d292599beee4d1e2c03036e60a52c5df5af	38.03%	Heodo
2019-05-17	fm9jz4tc_6297949112.exe	exe	fd885abd3c3895240c31fbdfba3d7126459b13cde19049b75075d5c9f3429a43	37.50%	Heodo
2019-05-17	tenh3642o_63054.exe	exe	b09685c63c725b0b310fdf63789f02133348d960651e2d3201baeec8697889c9	32.86%	Heodo
2019-05-17	sz19m0bdih_01.exe	exe	498c9cbc13bce6b86375d876acab26cf6b1884d06206aa1355755860f3509a05	n/a	Heodo
2019-05-17	7h_501123.exe	exe	a61829118a21a1425e9cbfcd03f5faa04110dd8bdf807779dab93b284f20bdf1	29.17%	Heodo
2019-05-17	ih2hl_61870623.exe	exe	02f85b5194f77857079cdbbe491f750ede1ae6f8996c6a71dc463c80b0c73b98	29.17%	Heodo
2019-05-17	h37rdn7st_96.exe	exe	3a55f6c56e928d658f0ff035d17dc8761e1ff095ba80db6d528573c26abe9ba3	29.17%	Heodo
2019-05-17	kjx34vi2_518496941.exe	exe	ed96364977f181ef7733a8b9a4940d2a529c7a1fd6cbb78130acb9c3cd60d4b9	36.62%	Heodo
2019-05-17	b2ye_870760606.exe	exe	204945ee1e17cb2684da4b1508ed2117f612d41b7f2f59d55a625db7fb5fcf36	n/a	Heodo
2019-05-17	rqeopzdx7v_3660.exe	exe	eeaa43d154db6f483d7c70dfd79897cd5fd7555439219c8bae46cc2de700f074	30.00%	Heodo
2019-05-17	iilu_62.exe	exe	a75409c3e5590c092af6770e88b632fcc85e93ae3b2985d3520e981e4926a4ac	33.80%	Heodo
2019-05-17	nrvrl_991.exe	exe	1001cfaa1f9df7bee979a80241bdc0dc69fb03870d18a095f7125d6670db9597	29.17%
2019-05-17	s9bcj_92.exe	exe	ecf2761f512e8508644abaa8b4b6eabcd526fa1199a840bf6a1376a58875ffa6	29.58%
2019-05-17	3qpowfnxqn_57742.exe	exe	feee487ffb84ccfaf11643d2a8a84c146c6caa2cacefa41dfa77578ccdcd0580	28.57%
2019-05-17	o0_19.exe	exe	6b41d80cc553fe9cf5bd205420da184c8f2e852192448302e9c053039190e806	30.99%
2019-05-17	i_903796449.exe	exe	fc64a7f68969210d1cc6a382ac9ccb9ee44ff1e661ae7e95fc21c87aa09bfddf	n/a
2019-05-17	8_7370446.exe	exe	b07751e2d8f02638024ec922a8db2a9071c8787eaa353425dc795c0d45114bda	30.00%
2019-05-17	jm_796356175.exe	exe	4415c821d0d79d7aa1da02200223a2ea40ce5b7f2c074d68dd14c423c7912124	n/a	Heodo
2019-05-17	r0df5q3_689591435.exe	exe	36c80ecfbf1e171fcb9a350e7fe7aef664038ebdb3236886d68ba91cba6c1618	30.56%
2019-05-17	vun73x_43.exe	exe	baea1d3a3ac681b1ee4df16c86614f9ec005a6c88d29a2c91373c430c8e6285a	n/a
2019-05-17	xrz_0.exe	exe	6f46b194cf2e55c06686748b3377df2b436598f6019d0f3f8918c27ff5923743	33.33%	Heodo
2019-05-17	uvi1y_94051926.exe	exe	29557f865ff994fe3571f42a8c11b600444fe7d93d6fc75eb8632e7b5b23ae14	n/a	Heodo
2019-05-16	4_6439666.exe	exe	272321f92286fd7ecc98cea2a3214977a8f8fb50f87a393c920efece6948b626	n/a	Heodo
2019-05-16	vz5_5879145.exe	exe	e004166dbf864fecae459c859c03eb00152ea3802e397a7b2a24e450ebff0a3a	25.00%	Heodo
2019-05-16	ahm1p9chk_1.exe	exe	d83d63e9bb613739bc645a539ac0aa0e3cc86031552a589bdb91726bff852008	25.71%	Heodo
2019-05-16	1uig_67542.exe	exe	d51177ce71693687ae8dd9aa92801955a0a65df8a6cbb828b525e025bf669db6	29.17%
2019-05-16	yvj1u_92091082.exe	exe	4e3ed90b70c43fe0075609314118d9bbf155ed834264a7be0c10a91ac4576ada	26.39%	Heodo
2019-05-16	2o_113412.exe	exe	a4324a5694e039ade44547da239b469b5588162f5fbfe8663981b9e0a626b4cd	25.35%	Heodo
2019-05-16	t5s5v_5150772834.exe	exe	861c52f8e0d84217ca92aab1dcd4e42599eaefd7e759a64976b05777a1757322	n/a	Heodo
2019-05-16	hgi167vx5_782.exe	exe	596d96acc54e7c52acbd8a9d59111de00b53348bb7b25c5cb33a6458cbed5c4b	29.17%
2019-05-16	xv_9129505505.exe	exe	c38fbe7ee85e7a39587205c15ca49edfc9b541c007caf082733a72ad882aa35d	25.00%	Heodo
2019-05-16	8u7_5563.exe	exe	4e0cbe8131816cc51ae1d75c543d7068426b47d0e18593324f46f389c3ab88c0	26.39%	Heodo
2019-05-16	bnf3zdrge_199968.exe	exe	2bc618ed051add34f04239c807a208fb4dd58408a47024370c105f3148aea822	30.43%
2019-05-16	1htnsg_9049721.exe	exe	b0b1d7c641c06e8eaa10b2c29e5b002904e18819f3fceba937bea36ad644bbfe	n/a
2019-05-16	db_06620.exe	exe	bdf21a35e671e0a3801bc3d73374249322aca669c6c0e485b20699bede73e5de	30.99%
2019-05-16	8u26dmu6yt_01609.exe	exe	33700734c04513e137018848ede2277b6fd5da77fe6bcb3bb7c2807c4e6d2a60	n/a	Heodo
2019-05-16	mnth9_52990.exe	exe	7198d36a4c08fed0877df7f8ba65c60f775247f35bdc58fc1da51a3913115005	25.35%	Heodo
2019-05-16	tf91eme_45.exe	exe	79f742ec11932710511e31609975a87d298763fcdeb8539eca49401d9d3aa426	29.17%
2019-05-16	o5nvl_6498.exe	exe	d113b87148ff747a1d9156377d577c29f801019539cbcccad51ee6c4d805e85b	n/a	Heodo
2019-05-16	lprncynh_586923315.exe	exe	105ad5e8672a34acd1fc97bada4c81ec51aa582205c1873456c26f84f03319ba	30.00%
2019-05-16	lvxws0vpwj_53692.exe	exe	78e172fa1e5ddd4b3be046d73ba1ea25d624e78e51984b99e39b8c1f2b1329fa	n/a	Heodo
2019-05-16	x4xa2mwa2c_063333.exe	exe	fb2f5fc662265a2cea088c5d341341015e7520661cf9a5f75b854abf0646f72f	31.94%	Heodo
2019-05-15	k_024.exe	exe	4fd7e69b107fe0c6493339f845a3c6482f6ab370f35952a13bff026b6c9a7cf2	25.00%	Heodo