URLhaus Database

You are currently viewing the URLhaus database entry for http://eles-tech.com/css/KzMysMqFMs/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2125185
URL: http://eles-tech.com/css/KzMysMqFMs/
URL Status: Offline
Host: eles-tech.com
Date added: 2022-03-31 17:28:07 UTC
Last online: 2022-04-04 11:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-03-31 17:29:12 UTC to info{at}atakteknoloji[dot]com)
Takedown time: 3 days, 17 hours, 50 minutes (Bad; down since 2022-04-04 11:20:11 UTC)
Tags: dll, emotet, epoch4, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
