URLhaus Database

You are currently viewing the URLhaus database entry for http://metalgas.com.ar/wp-includes/pIxAd/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2199283
URL: http://metalgas.com.ar/wp-includes/pIxAd/
URL Status: Offline
Host: metalgas.com.ar
Date added: 2022-05-17 13:22:12 UTC
Last online: 2022-08-30 22:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-05-17 13:23:09 UTC to abuse{at}hostmar[dot]com, abuse{at}dattatec[dot]com, pablo[dot]pepe{at}adinet[dot]com[dot]uy)
Takedown time: 3 months, 15 days, 9 hours, 31 minutes Bad (down since 2022-08-30 22:54:33 UTC)
Tags: dll, emotet, epoch5, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
