URLhaus Database

You are currently viewing the URLhaus database entry for https://merturku.com/blogs/IFcif/ which is being or has been used to serve malware. Note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2068954
URL: https://merturku.com/blogs/IFcif/
URL Status: Offline
Host: merturku.com
Date added: 2022-03-01 15:12:07 UTC
Last online: 2022-03-02 02:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-03-01 15:13:07 UTC to abuse{at}ihs[dot]com[dot]tr)
Takedown time: 10 hours, 50 minutes (Good; down since 2022-03-02 02:03:45 UTC)
Tags: dll emotet epoch4 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
