URLhaus Database

You are currently viewing the URLhaus database entry for https://fonijuk.org/wp-content/fzq6vYFUMEiRoR8vG/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2026746
URL:	https://fonijuk.org/wp-content/fzq6vYFUMEiRoR8vG/
URL Status:	Offline
Host:	fonijuk.org
Date added:	2022-02-03 16:31:20 UTC
Last online:	2022-02-04 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-02-03 16:35:28 UTC to abuse{at}limestonenetworks[dot]com)
Takedown time:	1 day, 4 hours, 56 minutes (down since 2022-02-04 21:31:39 UTC)
Tags:	dll emotet epoch5 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-02-04	xldDsxa1TkFQrQ7kC.dll	dll	37dff31afab55c8c14e35f35ad1efbe0cef67b60c2df633379d6c3ee3a1eb4cf	n/a	Heodo
2022-02-04	VbQ7zLav2.dll	dll	d059e37354b6e7cf72e86fb189d28c8e10f5efada2b85e3bfc1e073fe787cdb6	n/a	Heodo
2022-02-04	mXKHCAlHvtoGlWXU0.dll	dll	82a675da6357d9199870820fe0b20d9e20ba01bd4d5951af54ecf5f0384799dd	49.21%	Heodo
2022-02-04	jfPJ.dll	dll	724648ea021e3802fd7eae08a10641194135281847fac62223b86ffe28b3814a	55.38%	Heodo
2022-02-04	sFz1s7yYgkA50kUKCSt.dll	dll	1dc20820cbe4fba954cdd7cb2d4a7d97ef7d2153e38c74c9ee93746d405754ef	n/a	Heodo
2022-02-04	j7xX4cLU5G09gcpO.dll	dll	64bc2f37ab512987f6eca09ee31bf0e499bcf2a3495e8e613fe95b297fdd8e36	53.12%	Heodo
2022-02-04	4w9HQV4aiJFTPT.dll	dll	c2e691340449d995e85aaa111e1003b5610c63d0e0dca444ed2d80d03f095af8	53.85%
2022-02-04	BnQqopuRi1DSS4L.dll	dll	ef930ddfb9668e237c04fa6543a0a457ba8a0d58948f8b11b7025e8769989aba	47.69%	Heodo
2022-02-04	WMDrcg.dll	dll	643a6678f93aadf04aaf12424bb0c411929d0f14e614515b72d3ab284dc0d25c	44.62%	Heodo
2022-02-04	N0h0CfBDBY.dll	dll	4ef124281532a0571b3a6d3bd0727d71106960e11310d26be11c60a6afb31a66	44.62%	Heodo
2022-02-04	LJd6H2jxcr.dll	dll	3d9d5988ad8180763653cb9753d107b2c294e1d2d165e42d124ceef35001a6b1	40.00%	Heodo
2022-02-04	0tntbub9.dll	dll	c417eef23aec0f2ec4450bf212a7347e2fe822f8d4035251595c4168b3421915	36.92%	Heodo
2022-02-04	uy6ONv4yx7FwewiZf.dll	dll	8d6389e53a22883c2d9ecfe066a361ed735a6d21f59084950f6a772f432cca31	38.46%	Heodo
2022-02-04	nuhyXIlrM.dll	dll	f2b94119f97a7c1dd53f3826a3e0d9577f7f5dd3ae72df65d6d9dad56777e658	35.38%	Heodo
2022-02-04	pNXzzHbqdAmE.dll	dll	6525268a10744f3239c48b279dc766b52cb7d6539f404f0337a9acf4d332854e	36.92%	Heodo
2022-02-04	33eytAh2syssqf.dll	dll	1bfc4cfd876ec81533bea53df6b3119e4e6f68d53a4cb7695a06d65f1ed3df5b	36.92%	Heodo
2022-02-04	Qq5VDk.dll	dll	7716dbe21231d70fafeab60c4fd82e4ee69c2f3b94624a9529bc249e3a6bd106	35.94%	Heodo
2022-02-04	Nt6rrX8qzmYIYY.dll	dll	dd6938e98824fc9b0a724d886b7033c3b236460efe0836c6f2f8509ab22b74db	n/a	Heodo
2022-02-04	98lvUtw.dll	dll	69733b0dec6963b574e2b827da9841616c0c0563a67ae6d28313e787cead4197	32.81%	Heodo
2022-02-04	njaexk0nwXs4n.dll	dll	4391e405541f6e33187dbaa5235d837452ffb50b62bb3537117cf3510771a064	n/a	Heodo
2022-02-04	E9a4lddGnXmYOI348f1.dll	dll	49a10de0858153d1af67b6c9a85f4842fe8368c89679d93b4e16c4f4748ad4b7	34.92%	Heodo
2022-02-04	HtJsINYTFkC0wfAdfH.dll	dll	40fca2649daa145138293770e6c5ec2865f012783914f75afdde840c45246a12	n/a	Heodo
2022-02-04	3VNCV3lA8wzQ3o8e.dll	dll	add9773be35ea6f686f8e9c210132c4ab1b1491a040c45795b7a67f461338826	35.38%	Heodo
2022-02-04	3jUvWXjCOS.dll	dll	3979972f7d560886874ebfe7d5a558cbace9251ab1bda197a51aa9fdddf0d3c2	30.77%	Heodo
2022-02-04	mJDkj3g.dll	dll	a6eb73db64162382431f568d0e519e000a31dae295b19bdbcef3a3f73331b911	29.23%	Heodo
2022-02-04	vatD1YD3b.dll	dll	52b7f2a81a2d04e4f0ff900d8e9a7a7c1f38c405ccaea0408c08e58534d8a3d2	n/a	Heodo
2022-02-03	4IYnrw3p6Gv3VR.dll	dll	37595a0ae4fe26fc476960f6d6bdde10571784889bef2679446a6b5721cea1aa	n/a	Heodo
2022-02-03	1jyf9iWqOwVjc7.dll	dll	86c8e54912743e12912792ee3b51a76f1597bc5837d79291ff9da0c9627315f1	n/a	Heodo
2022-02-03	9T1QDI8YN44.dll	dll	f4d8251972caf22e338cfcfb9201941c2f3b51eb84215661ed32642d920fac86	n/a	Heodo
2022-02-03	dVQdsR8d27L26GiB.dll	dll	a6eaf39af186adcb1cdea9a7e277e9aa953bfd2c19d09343450d5e1557f9414b	n/a	Heodo
2022-02-03	6RF.dll	dll	f3dc51e4d43fa1ec3b76100216e0aea0b568b8d738da576fba746513f8bd1283	n/a	Heodo
2022-02-03	DZQRxdn3GcAGDoZKI.dll	dll	dea8c7f518734d3ee1d5247ef061967614c836e6273910a7a8ce729e915ec1d4	n/a	Heodo
2022-02-03	jwyK.dll	dll	f8570407c38f9913b600b29b8ed201b0bed07aaf11cc6fb14c23bec3abd7252d	n/a	Heodo
2022-02-03	ClOyayZGZqAsAVcaVZQ.dll	dll	49d4461c281440b1439ca8690decea773d35bc568e2149c8f34906b9cc774fdd	n/a	Heodo
2022-02-03	6f44N9dPz7wkjJH.dll	dll	49bbcd95940eb9fcc227a8be04dfec1b0f54302ffb448d764f1261c1147da2e4	n/a	Heodo