URLhaus Database

You are currently viewing the URLhaus database entry for https://mashuk.net/wp-includes/ej6R4fkU/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2026742
URL: https://mashuk.net/wp-includes/ej6R4fkU/
URL Status: Offline
Host: mashuk.net
Date added: 2022-02-03 16:31:17 UTC
Last online: 2022-02-04 01:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-02-03 16:35:22 UTC to abuse{at}ioflood[dot]com)
Takedown time: 9 hours, 10 minutes (Good; down since 2022-02-04 01:46:09 UTC)
Tags: dll, emotet, epoch5, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
