URLhaus Database

You are currently viewing the URLhaus database entry for http://actividades.laforetlanguages.com/wp-admin/OfFq/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2019156
URL: http://actividades.laforetlanguages.com/wp-admin/OfFq/
URL Status: Offline
Host: actividades.laforetlanguages.com
Date added: 2022-01-31 16:29:04 UTC
Last online: 2022-03-14 19:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-01-31 16:30:19 UTC to abuse{at}oneandone[dot]net)
Takedown time: 1 month, 12 days, 3 hours, 8 minutes (Bad; down since 2022-03-14 19:38:32 UTC)
Tags: dll, emotet, epoch4, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
