URLhaus Database

You are currently viewing the URLhaus database entry for https://ewingconsulting.com/wp-includes/1sqrshC/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2253836
URL:	https://ewingconsulting.com/wp-includes/1sqrshC/
URL Status:	Offline
Host:	ewingconsulting.com
Date added:	2022-07-04 15:03:06 UTC
Last online:	2022-07-05 06:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-07-04 15:04:07 UTC to abuse{at}deft[dot]com)
Takedown time:	15 hours, 25 minutes (down since 2022-07-05 06:29:31 UTC)
Tags:	dll emotet epoch4 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-07-05	X5jPJwDhB5CFhb7gDfs9LLs2IBMZHKnF.dll	dll	ab18e9943200a405fb03d49b580d51c8fd0002d5d27e15c1ebc6e1a8ff9e7de1	n/a	Heodo
2022-07-05	QwWLClmLGRbicPTEID9b2n9cnAIFSG8.dll	dll	4f9880be7f158c9a53477de4236bee6e9e240c7f2135f188a83d660b6ff14bd4	n/a	Heodo
2022-07-05	oT6e2Wy1CsJaz1KLzS1.dll	dll	b89e9a990510c44196c4a3c034794eb654006198feea52a92a2560e26126b7a1	n/a	Heodo
2022-07-05	KU9bltMF.dll	dll	35601ea7386bb28dea35f53a53ec142902f4803dca088206c2a10e6f8059c5ca	n/a	Heodo
2022-07-05	Mryw7NFfj.dll	dll	4d492f8a009e695b06035bb7c8e7d82c2304012bcaa1b351906709ee970de198	n/a	Heodo
2022-07-05	xqpnSIEjLn7MGgGoVhCl8BVyK4v3VMSm4ov.dll	dll	d22e75bf5cd4d2ed12a6a207699a4edfb193c75b62d24a9c619a409ad5a5dedf	n/a	Heodo
2022-07-05	wmQSyrtIu3yuZNjOJXoC9c.dll	dll	f455a109c23a9b8377ad9a33853e4ae92120a65967ef634718b4f5662b4c928c	n/a	Heodo
2022-07-05	QOrasfFxKZabhcs9vY1xI.dll	dll	c4fa41645d902cb31f1c18a3015d07825fdd2a727e613c8d0af72a2e6de933a0	n/a	Heodo
2022-07-05	1ckJffWZKXzJNvTsWxr83S.dll	dll	21723af06d9b399080061e2d5d4f935731e6d41a492a4ebf253e54a9f9eada2d	n/a	Heodo
2022-07-05	bx8jDQw8GKimAYSxjzTuE.dll	dll	8eaba54ae9d5165ed13e217f6cc8d4c8b5a816ab27ca567ec2cca6f64f325bd4	n/a	Heodo
2022-07-05	sF6KseSDLQQPYkI.dll	dll	13979e31b031dfd3bf15b7a2f15b0ea02c141ab62e6713b5bffa90d9a63ce879	11.94%	Heodo
2022-07-05	ggW1tXXaRTmkDU5AC3mSkTUg1X.dll	dll	36ca21651937d3abe4a59f1c47ab7ecc2e0f12e301cf3e71055664b5a5b980da	n/a	Heodo
2022-07-05	oUQa7OAXPr88.dll	dll	44b069488aa53249532d4323c315d8228357154410b591c7c263169aa9ff2d1d	n/a	Heodo
2022-07-05	DdZTtMrjqX9zVMjM71rQjYiVIJADWtkq2.dll	dll	f7562aa9517d7d75524ebcd2b62bd834054ec6a4139358d3857cf6f4221a0338	n/a	Heodo
2022-07-05	tn1jYsIdThDZK4EP60nwd9EiHtq17wfa1V.dll	dll	9f5afc5d9313d1763b7c9f882e1543b1f8a195072508c046d87d28c67ce07c8c	n/a	Heodo
2022-07-05	V2SULkq7NfJ.dll	dll	12f4bae2cabae2df2270d7e964b2fd8bfc3acd76254c2fc6f80554e27df8a19e	n/a	Heodo
2022-07-05	GzPSyDPmAidgFQV5A.dll	dll	ee53a45881fbe18c453e19004a02881e88fe6931621dd2e9c55787c260176c92	n/a	Heodo
2022-07-05	59AoU6eeJq1.dll	dll	d7c9bb469cb56b8fa1b9265ff1fb7726ed9d8520bf1138146d7bc1bd85a7e511	n/a	Heodo
2022-07-05	UG6KfhE.dll	dll	a70861338cf58512a7e5ed92b022c8818dba86c896e30cfa1ca70ffdadb84e03	n/a	Heodo
2022-07-05	D2fu9E30N0oNoe4DoG5bZpokgE7SE.dll	dll	b3b03d6d46ea2e9acd88c2b8d6e27908392d5bf1384f61d296f08159090c1928	n/a	Heodo
2022-07-05	hBQ0ef69dO1rte0SEygE4Net3bbC.dll	dll	a432d3d290ab46562ecf7c49dafbb90e825fc9e87830312084772a2ebcbcc8ab	n/a	Heodo
2022-07-05	0OhSOuBuQyLVf.dll	dll	d1569bba4af2f829ea1577d9394a5ae2088359b354e753ac32a266fe2493cd8c	n/a	Heodo
2022-07-05	zzdJDMEPPy1u.dll	dll	1d33056919f3f111aa23249625ee46c443ea92c1b5b7d0e577e9bbb3a006739c	n/a	Heodo
2022-07-05	XBZmUJG06JtbhAGiLk0vMKiiFdVNYxd.dll	dll	234ebeed4e9bc65ce7ec5f5f5793bd9ddfe71ec3dd4e48307d55d361800e2f1a	n/a	Heodo
2022-07-04	5dW23d058mbzS4kk77XTc9.dll	dll	d171d0e8c56d39b8785aef9fb36b88479b87c3fc9756dc931e2e6a1c403305e8	n/a	Heodo
2022-07-04	7LALrXCicaZviE.dll	dll	cd4b970b886e4e75a13f4268edb4418dee4f42e5071f619df7bc321fcd178362	10.29%	Heodo
2022-07-04	WxjCFbwa2XL4t9uO72gtz6.dll	dll	fb7996d37d7ab3a79983f1d0bbe1cb3246ae044542b2e125a5baf9b362248ca7	n/a	Heodo
2022-07-04	SYtEdasPAokxGAjdAHdgjXkz8R9by448iu.dll	dll	09fcd6e3d22cac02b5ae7d434569e33ba5209585e86b43e3835199ac32ebfcb5	n/a	Heodo
2022-07-04	PXN6flWE8Psq7GIhkHvW8y8s.dll	dll	207ec07758f2ee6857c02f41bbfad9958994d2fb66a6192a2cfb5072faa89706	n/a	Heodo
2022-07-04	c3SQhUBdUVy5d.dll	dll	916461ffb610523370e2b4f522c177aa6537f84dd3a7cff9094fe197b8262601	n/a	Heodo
2022-07-04	wr0Z8GRIZrKVZwGdwK5QBckE3Jj.dll	dll	7d97f5798d059e102180dcc395fcea12593c292a20a9e5b37e556fad7ab3d3a5	n/a	Heodo
2022-07-04	dY55aFyM.dll	dll	259d42cf0cdac306e4b1ea7f9b904ba77be02ac04242e7a538265a3ad56dba74	n/a	Heodo
2022-07-04	wcUYqwegmzL.dll	dll	c0b9cd706be3452405f21404b7ed152ae7fd187f96090bc20c76ae2a8bcc0ada	n/a	Heodo
2022-07-04	RJ6ELvha0b5Sfy.dll	dll	d83d6eb261de5f1d2f8b7c1cd6bdea5edd1ccadaaaa0aac07f4370eddfe374b2	n/a	Heodo