URLhaus Database

You are currently viewing the URLhaus database entry for https://vietnam.karmatechmediaworks.com/wp-content/PfSVQagusZy7AaMw/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2038847
URL: https://vietnam.karmatechmediaworks.com/wp-content/PfSVQagusZy7AaMw/
URL Status: Offline
Host: vietnam.karmatechmediaworks.com
Date added: 2022-02-09 16:37:07 UTC
Last online: 2022-02-10 13:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-02-09 16:38:24 UTC to abuse{at}uk2group[dot]com)
Takedown time: 21 hours, 18 minutes (Good; down since 2022-02-10 13:57:14 UTC)
Tags: dll, emotet, epoch5, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
