URLhaus Database

You are currently viewing the URLhaus database entry for http://ascendmedicalsupplies.co.ke/FUTH99YV/faflDNXWq0bPv/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2102308
URL: http://ascendmedicalsupplies.co.ke/FUTH99YV/faflDNXWq0bPv/
URL Status: Offline
Host: ascendmedicalsupplies.co.ke
Date added: 2022-03-17 16:41:13 UTC
Last online: 2022-08-20 14:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-03-17 16:42:13 UTC to abuse{at}ioflood[dot]com)
Takedown time: 5 months, 5 days, 21 hours, 58 minutes (Bad; down since 2022-08-20 14:40:36 UTC)
Tags: dll, emotet, epoch5, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
