URLhaus Database

You are currently viewing the URLhaus database entry for https://wxoperate.bb2play.com/framework/1zTlT1/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2112014
URL: https://wxoperate.bb2play.com/framework/1zTlT1/
URL Status: Offline
Host: wxoperate.bb2play.com
Date added: 2022-03-23 07:23:23 UTC
Last online: 2022-04-20 10:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-03-23 07:24:07 UTC to anti-spam{at}list[dot]alibaba-inc[dot]com, abuse{at}12321[dot]cn, abuse{at}alibaba-inc[dot]com)
Takedown time: 28 days, 3 hours, 9 minutes Bad (down since 2022-04-20 10:33:14 UTC)
Tags: emotet link epoch5 exe heodo link

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
