URLhaus Database

You are currently viewing the URLhaus database entry for http://queens.renovatiog.ltd/wp-includes/LDH/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2004458
URL: http://queens.renovatiog.ltd/wp-includes/LDH/
URL Status: Offline
Host: queens.renovatiog.ltd
Date added: 2022-01-25 07:24:34 UTC
Last online: 2022-01-25 19:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-01-25 07:52:11 UTC to abuse{at}a2hosting[dot]com)
Takedown time: 11 hours, 23 minutes (Good; down since 2022-01-25 19:15:29 UTC)
Tags: dll emotet epoch4 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
