URLhaus Database

You are currently viewing the URLhaus database entry for http://flybustravel.com/cgi-bin/2TjUH/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2007892
URL: http://flybustravel.com/cgi-bin/2TjUH/
URL Status: Offline
Host: flybustravel.com
Date added: 2022-01-26 23:09:07 UTC
Last online: 2022-01-27 12:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-01-26 23:10:55 UTC to abuse{at}contabo[dot]de)
Takedown time: 13 hours, 20 minutes (Good; down since 2022-01-27 12:31:40 UTC)
Tags: dll emotet epoch5 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
