URLhaus Database

You are currently viewing the URLhaus database entry for http://wxoperate.bb2play.com/framework/1zTlT1/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2111999
URL: http://wxoperate.bb2play.com/framework/1zTlT1/
URL Status: Offline
Host: wxoperate.bb2play.com
Date added: 2022-03-23 07:19:15 UTC
Last online: 2022-04-20 10:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-03-23 07:20:16 UTC to anti-spam{at}list[dot]alibaba-inc[dot]com, abuse{at}12321[dot]cn, abuse{at}alibaba-inc[dot]com)
Takedown time: 28 days, 3 hours, 13 minutes (Bad; down since 2022-04-20 10:33:24 UTC)
Tags: dll, emotet, epoch5, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
