URLhaus Database

You are currently viewing the URLhaus database entry for http://escgayrimenkul.com/cgi-bin/RuqpDmm/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2126278
URL:	http://escgayrimenkul.com/cgi-bin/RuqpDmm/
URL Status:	Offline
Host:	escgayrimenkul.com
Date added:	2022-04-01 08:09:06 UTC
Last online:	2022-04-02 16:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-04-01 08:10:11 UTC to abuse{at}bluehost[dot]com)
Takedown time:	1 day, 8 hours, 36 minutes (down since 2022-04-02 16:46:25 UTC)
Tags:	dll emotet epoch5 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-04-02	MClZO2feA.dll	dll	129733e170ec693d8625168473766ed7c76d42b54184b6edd5e5ac0dd65a2e26	n/a	Heodo
2022-04-02	vcIk8ksC5dTkFDy.dll	dll	7dc0bb307ada4fd2649fc2c7ecacf092424a9235526293bc85ad492b352c831f	n/a	Heodo
2022-04-02	JcldsZYQslnb0.dll	dll	26d044ed61b3a633a868ab58aa19ceea58376032e664cfccc53663fad6f82f07	n/a	Heodo
2022-04-02	XeLOVTd4wSWSk0PJc1.dll	dll	d7de2cc6916e72320d678e7d9cc8ab8dcbbf3884d8b77cacadf8f950f6d2ba7a	n/a	Heodo
2022-04-02	YfQM96BxXiiifs.dll	dll	bbfd1f07d58ec25e8a7c5e9d3e8371bd9a5ce4b2ad415fbe0a5bbad734a9a6b4	n/a	Heodo
2022-04-02	OgLcEq.dll	dll	5ee92c734a57e6c08f3bb1a5b3edef895914945243fbd15112297a32c823b98a	n/a	Heodo
2022-04-02	eSCH.dll	dll	be4263015f97d66ef7a0418057fb932890e35eb4830a0f614b81245220b8d7ca	n/a	Heodo
2022-04-02	JZqNmPD7TI.dll	dll	d58c2da15e66b0f8f19ff81d7e74485804b46f0ae785c3928c96182be3e751dc	n/a	Heodo
2022-04-02	lmXTwOiv3uwGOcGn1.dll	dll	082a8e1902a082d6a31887bf92e145854011889a7ce60b0cd2f40d4269b23b17	n/a	Heodo
2022-04-02	hY2Liiaf9Jdv09LJQE.dll	dll	648b54694ebf13c1e6213907155263ac555329d0f5876c336e99d54161c36875	n/a	Heodo
2022-04-02	Eyy3Ansu.dll	dll	1bd8783e14e90715fc06f1ef515d7f8ba2371a55d1b5a3a57474af6aa2625fdc	n/a	Heodo
2022-04-02	VgaL2W2voTaKrkTs.dll	dll	b4e607e285e0be23817ddc1c9c4419b69ab1417365db225b4a25cab2ba5cae79	n/a	Heodo
2022-04-02	jhyVPXu.dll	dll	ce961e7237a28f54f36894f8599490c1a19be7f8b10eeb84c37d556bdc1904b1	n/a	Heodo
2022-04-02	SUOzeXPweDpFefm.dll	dll	6cd11b37a691421e3c761c74bf16dddde4b7020ba2e3d41cde00ab0caa227644	n/a	Heodo
2022-04-02	5B0alhm4XFDIb.dll	dll	1eff58df9bc9e42e501f143c320a2e712735fd2fb35a38f05b96fe21b03e15f8	n/a	Heodo
2022-04-02	6bi.dll	dll	c989348be781869b277b1d269776c6076949165334244f10a2e0385c23b175fe	n/a	Heodo
2022-04-02	wSVY8SBZnIfl8wN.dll	dll	792b7ca1cf51133eeac95b7b1922d1f45bf854a5e7b901139d146bb9abd67bbd	n/a	Heodo
2022-04-02	xaiuGzlCeRhQMtlsb.dll	dll	92904fe0833d92b2fd8578e272f1cb2b792b53a45f130cef6695357731d48402	n/a	Heodo
2022-04-02	HhnqKfiB3z9uS.dll	dll	5970a7d5a136782577c200ea5af436ecdcdce419894f975ece9dbc032ba9ce87	n/a	Heodo
2022-04-02	3jKRaCxPisKc.dll	dll	1dafe08d6f57e705a0eb3a36e5a77929b83ee24c7f8a15a9803a6bfb7b2bf004	n/a	Heodo
2022-04-01	zz8.dll	dll	238b8c5a110f8643c50860cf4535e0ef2b319df3e1b3773f9eb1dd9fad41ecf5	n/a	Heodo
2022-04-01	72v.dll	dll	51bd0893f8239e98edda7a24f80d78c36f12ec4038f08c19e714e21d698a86bd	n/a	Heodo
2022-04-01	KnA0aaYkV0UB.dll	dll	bb02ef339774ae26c01ec7b50569896f435bb91c33c6880081f93c4acc4df438	n/a	Heodo
2022-04-01	vjBM.dll	dll	a350446e87bde15a894fc961898fdee77ed940f3c193a0dde2ab1f5472e9deff	23.19%	Heodo
2022-04-01	13d87Ytm.dll	dll	c7eb1d59ab011370b698d5022e6ab6618317594c10fe874e7ef36362a64e2a27	n/a	Heodo
2022-04-01	vBPjqR64YmNQPT3xOA.dll	dll	149865238b6bfbd9cfbcf3597e1dec5af4429be67a4fe0812f1d7c5169063988	n/a	Heodo
2022-04-01	R9yQpdazvL37i0OTqPx.dll	dll	787dd24b7468574c3a741585560a5137489087bb0f5ef0938f9ee32726b071b2	n/a	Heodo
2022-04-01	iN9bM.dll	dll	088670b2ad2bf84e0a051ba6b5d4250842a4ce7e958d14f10ee72c8e1d2bda39	n/a	Heodo
2022-04-01	JyIVQPB.dll	dll	99f78a856972143aef500762e9357d59b0706bcf1e41e0c6949b7dac99688dc6	n/a	Heodo
2022-04-01	I9PWfx.dll	dll	8049004e3242866326c2cdbfb5b284dbb9431eadd4fbc839175aa4665f9d177f	14.71%	Heodo
2022-04-01	b3tRkuV1XNZo5Tfqql.dll	dll	b432559a13573426729d58825e24e9d207295b5033ea13d161ad13df54608379	13.24%	Heodo
2022-04-01	dhXYOhzHcympCS.dll	dll	50d0e29218735c9c60ff626996bb7451e3fef93c849b195bf5aace8cf9f26fac	11.76%	Heodo
2022-04-01	l3Db0VqsQqd7.dll	dll	f992a1b1bddf5ad54ee31f9fa16de0dd831e3d7df2465731ddf5e8fc7cc7e211	n/a	Heodo
2022-04-01	6gZF3qqOL.dll	dll	a1e0b19975a374bfa3d55648c61a768f11a279816e686d1e5bf8c0e63c9e2365	n/a	Heodo
2022-04-01	m1lM.dll	dll	226a8f0387eeef68824a0b6040c7644c6f194d8852e8bc56abb80918ce22e28b	n/a	Heodo
2022-04-01	4R31T9fHBA4juJWz.dll	dll	67d002fb1384095980f3e31545686a10fa9ea44f0c74f96972cffbe7b8aae719	11.76%	Heodo
2022-04-01	ypHiIvR3UPFus.dll	dll	8c7a6c787e66eb46b52e6519d2b31eb08599f0e9793c38253f8480cefb7f7d79	n/a	Heodo