URLhaus Database

You are currently viewing the URLhaus database entry for https://altitude.rafemcha.com/custom_models/yqa88sprHlUEA3P/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 2007512
URL: https://altitude.rafemcha.com/custom_models/yqa88sprHlUEA3P/
URL Status: Offline
Host: altitude.rafemcha.com
Date added: 2022-01-26 15:06:06 UTC
Last online: 2022-02-03 02:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-02-02 10:48:04 UTC to abuse{at}cloudflare[dot]com)
Takedown time: 8 days, 0 hours, 49 minutes, rated Bad (down since 2022-02-03 15:59:17 UTC)
Tags: emotet link epoch5 exe heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen | Filename | File Type | Payload (SHA256) | VT | Bazaar | Signature
2022-01-26 | sgWkDEEYgawJUGS9G.dll | dll | 32339059497325e772bdeac026203c655773a794145c6a5fcf306a38d3cc6823 | Virustotal results 39.71% | | Heodo
2022-01-26 | yPoFz.dll | dll | 4b092a8bfb415e907553f34af40850800965541e2fc6863bad9dc4c9f47a9bb7 | n/a | | Heodo
2022-01-26 | 3nM.dll | dll | 9779fc208b8755e10ae7cc15306fc8038ac0b6bcaf846cdc46318e808d5e1ddd | n/a | | Heodo
2022-01-26 | QNWaGa2VyE.dll | dll | 663f0d0d34f3c5c183e8ee5aacd936aced50622c3405178529ae357d129378a5 | n/a | | Heodo
2022-01-26 | ucpFWqFyWD8XTxTX.dll | dll | e3d609170034b78074283cf5007501ba53fb4fc480d954ea24a18799d53d5d9a | n/a | | Heodo
2022-01-26 | Vb21mx6ckCa96E94vmm.dll | dll | 7965b862f6952e3ce08abe35946448167f444187963cf076fb00cc93cab92cb6 | n/a | | Heodo
2022-01-26 | 176FNfHEP.dll | dll | 7f72866b474d53336192add3a1448934073ff735e28209df227ddb2bc79b65a3 | n/a | | Heodo
2022-01-26 | JbzpSsnOk3gtfBhCU3C.dll | dll | b77bdb13ea4fadbf94f273d1e4fa68d38fc4fc96726d473f47ac0baac87e79fe | n/a | | Heodo
2022-01-26 | Ym0tj6wu.dll | dll | d62fea909d9b0d19aa0d506ffa5473933f27146b5baec2b694a554b58db0fb49 | n/a | | Heodo
2022-01-26 | FiFuKI7.dll | dll | 8e0209e1f819f0deb893ab4b13663bee628d6986a0b13274e7289991705a8f76 | n/a | | Heodo
2022-01-26 | Qlqg9950Byc7tg8CAFW.dll | dll | e014a894264ab08d8eaeb530c3de52c7b579242111adb30bf9b142441a02c5d7 | n/a | | Heodo
2022-01-26 | HHHs1j3PQJ9RI9WU.dll | dll | 2b9f545f12d96931e4c03342f751e28ece3664b2f66ce2303bee45ba629162aa | n/a | | Heodo
2022-01-26 | oCtRiL5I1ADwSmiNhA.dll | dll | 54ce76518350d6622ac3155355b829456b9086e10dd3c8921bd9b5fec6692de7 | n/a | | Heodo
2022-01-26 | zXrkozjLIKm.dll | dll | dbae26742b01876c214ee9d03d32fcd55c8027034d74e152fbc35941a97818f2 | n/a | | Heodo
2022-01-26 | 3PfjUtf0NG3P0ato72N.dll | dll | b8d01957e68167f43d52a7a8aeb880209977195d0cd909f8d103888fec284e50 | n/a | | Heodo
2022-01-26 | bwkbga1xpng5kk.dll | dll | 95702f17527c7f327d39aa8351628150c0b90b1270639beef4f5b77410721f6f | n/a | | Heodo
2022-01-26 | AUO93qzZAdNk2MIc.dll | dll | 7f80757e26b6801ba479bccdc78fc97c01fb55eb1675682878339248ae765d2b | n/a | | Heodo