URLhaus Database

You are currently viewing the URLhaus database entry for http://robertflood.us/eln-images/DGI2YOkSc99XPO/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2036892
URL: http://robertflood.us/eln-images/DGI2YOkSc99XPO/
URL Status: Offline
Host: robertflood.us
Date added: 2022-02-08 14:20:09 UTC
Last online: 2022-02-15 18:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-02-08 14:21:21 UTC to dns{at}aplus[dot]net)
Takedown time: 7 days, 4 hours, 34 minutes, Bad (down since 2022-02-15 18:55:32 UTC)
Tags: dll emotet epoch4 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
