URLhaus Database

You are currently viewing the URLhaus database entry for https://h5.l2saga.net/wp-content/uploads/FqnWeRNxxsUcb/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2024429
URL: https://h5.l2saga.net/wp-content/uploads/FqnWeRNxxsUcb/
URL Status: Offline
Host: h5.l2saga.net
Date added: 2022-02-02 14:53:04 UTC
Last online: 2022-02-02 23:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-02-02 14:53:36 UTC to abuse{at}cloudflare[dot]com)
Takedown time: 2 days, 3 hours, 53 minutes (Poor; down since 2022-02-04 18:47:03 UTC)
Tags: dll, emotet, epoch5, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
