URLhaus Database

You are currently viewing the URLhaus database entry for http://es.nestradas.com/wp-content/languages/plugins/2c.jpg which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	233576
URL:	http://es.nestradas.com/wp-content/languages/plugins/2c.jpg
URL Status:	Offline
Host:	es.nestradas.com
Date added:	2019-09-20 12:11:16 UTC
Last online:	2019-10-03 05:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Blocked
AdGuard :	Blocked
Cloudflare :	Blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Blocked
DNS4EU :	Not blocked
Reporter:	JAMESWT_MHT
Abuse complaint sent (?):	Yes (2019-09-20 12:12:08 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:	12 days, 17 hours, 15 minutes (down since 2019-10-03 05:27:20 UTC)
Tags:	emotet heodo Ransomware Shade Troldesh

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2019-10-03	n/a	exe	907c727148f37af2a727c62cbf0683edd6aafa7ae86c0e61ac84a3e9da543767	n/a
2019-10-03	n/a	exe	9fa6c56e39c93376077cef0f21d7a06dff8f192e15631a1e61ce9800482e7ecc	n/a
2019-10-03	n/a	exe	41dc61ad9069cc04249170ea33f8a338cd20bf0231a975c9f028c194ced042df	50.70%
2019-10-03	n/a	exe	d6e69dac440fd7f62f51c815df6d7dc8d54cccef32c78854146bb52cac75ece5	n/a
2019-10-02	n/a	exe	35c12e49c465c57db03f8ba545501f209ab35ce68c8f270ebbc054ecbadf27d0	52.86%
2019-10-02	n/a	exe	4b026c96d420a07f6f483990a3a1b5c65eb1372ee144495b89fbf252432a39ba	n/a
2019-10-02	n/a	exe	79720b45dfca2f62ee7098f529f5b6175d0a4a085d42054c1e631d1b90b668e9	51.47%
2019-10-02	n/a	exe	46e03f441680af30728eb90e57538c6bda134f7ff147b8c6a4beda204ed8c2e7	n/a
2019-10-02	n/a	exe	48a37b55f6a4965cd88ae11022747640213cf49d752a579f772c0961735e608f	n/a
2019-10-02	n/a	exe	4bbf31008c7f369e4c744ccd2e9a2330619d73eac5ae5a948688cadb840fbddf	n/a
2019-10-02	n/a	exe	b1b5142c5e2658aa866b329760b0d3759d1e3cc41d96faa58178586e77c2180b	n/a
2019-10-02	n/a	exe	beed6e817bfe06e8ab58d461aa67a621d809c57aa3af0f047f625d3d7dc68b4e	n/a
2019-10-02	n/a	exe	be06ebbec51d5cd36a624fe39c4121a189a5e295ab733229f747280e73576b92	n/a
2019-10-02	n/a	exe	9e2fd6c12f5340421f844f5585729dcddda961802415ea03620ea7f6d0182076	n/a
2019-10-02	n/a	exe	54035545984753d224b3d555b8d699b9b7c6438b093f3f7a87c8d58c263f49ab	52.11%
2019-10-02	n/a	exe	b9a42f289f740fa3e52f6b842c4a74f03c205d698454af8bc9b485641ed6fa25	n/a
2019-10-01	n/a	exe	0574c1ce65c42cccbc58006b397a0283a351f0d9ced66c23354471adbf5a23b2	51.43%
2019-10-01	n/a	exe	8c87ee78138c9ea2ff80a322689bcb86b7dd63ac65d1d5f912eb89ab342d3842	50.00%
2019-10-01	n/a	exe	b33e8159e599024bbc6ced0e1bd432ad5c0ecd53a56782f901c902747f277df2	52.86%
2019-10-01	n/a	exe	923dc3a52a30a145d20ce2b757bfe702fd274a47a4375fb17eb3323eda4b3150	n/a
2019-10-01	n/a	exe	50962e8bb4f3347a402dea5fd189f3bf2fcf7fa4d4aa64f45b5d26472caa85f0	n/a
2019-10-01	n/a	exe	125c8323107eecf81630d69d3d76ca6888a47af7e88cba7800737d9701137321	n/a
2019-10-01	n/a	exe	ac164577965ce3ac8127445027ea1cb13f7a58e1346da39fbd13ec699f6e7bb2	50.00%
2019-09-30	n/a	exe	94a75c8750c07c5be191b368d8700803b933c6c47f2436240d16728c146b037c	n/a
2019-09-30	n/a	exe	39144fde3611eda85edb96fcda86ed774408c760f5ade19bd811716ab3b0d5b3	49.28%
2019-09-30	n/a	exe	2644be57944132b5aa0266e479b5693be9349a69f9b41308bfbe784afd9f3a71	50.00%
2019-09-30	n/a	exe	3dc90999b103d760852084e16b73c8869434d94353b50de7a39d3d70434140e5	n/a
2019-09-30	n/a	exe	4ec73917b313f528e854fefb5c6c467af5aec0e5ae8a9065abc00f38b04658ec	n/a
2019-09-30	n/a	exe	5008f9a1e371f5b8f02988478fa7126f57329ddbda202371527463e21899fd5c	n/a
2019-09-30	n/a	exe	1ab71b16528678e1530c92d8d95b7f873056e5acfefe571c7a89d03d2617dc48	n/a
2019-09-30	n/a	exe	d61ddbb3d384e234499ca50b1809a258ec92f646331cf47483394131ab3705c7	n/a
2019-09-30	n/a	exe	fa2930a0f2060839cdf5255674bcbadf36e14370a05c454cff3266f5350011eb	48.57%
2019-09-30	n/a	exe	0a1473f5802e102f7be67d5b840271a87559839fe5f4b9843b187bacde6dd04e	n/a
2019-09-30	n/a	exe	9d99205a99b64592022d338e632abc506ccae9c6f7b8e3fe9337272615bb9e7b	42.25%
2019-09-30	n/a	exe	8d59c9296de34286f86483e0f3e1e57ba5c7352b93a981ce03b9a03942e9038e	n/a
2019-09-29	n/a	exe	f82db5917ec2ded976efe9a8c4219407adb45bda777cde5d676be2c5b032c454	36.62%
2019-09-29	n/a	exe	198cd0c71b4972f102044d03d5124a4d84d8c7d368c1f9805ea89e8380480086	42.25%
2019-09-29	n/a	exe	1d625213edb3ea378fd19648ff24fe2fcb8f815d7212629aebaac4c4eb6ada97	n/a
2019-09-29	n/a	exe	e50b59b65fe91d67437b2b2dff58797dc3e7778e5e8fd63f53b402544cddb854	n/a
2019-09-29	n/a	exe	d91c972affd2792641bb3c33b419f6ea27fc9c315a57fdee278e44e6ed5ee34d	n/a
2019-09-29	n/a	exe	037f7a81f37c26b7759a9a0483217f58e4193c729f4dd6b643af18265f957f2c	n/a
2019-09-29	n/a	exe	57a214eff955bf6ce8cc9b62e47f97d29ea6f5e1490781e0efdabc0e729446e0	n/a
2019-09-29	n/a	exe	85de9029098ea3fe1e6059a0e0082989c467e101e9d71926cd5204ddec2c1b38	n/a
2019-09-29	n/a	exe	fa7d34d43981ddcdecfeb13e70046bec04e144268c2f75a33b84975c13ebb38d	n/a
2019-09-28	n/a	exe	301f30e315c2083e8667ea52f1bf88168b75238659d37d7d9b0e26038e307db9	48.57%
2019-09-28	n/a	exe	285f0dd6f1e9b06f054fb6202edcfa11c7e85e77b468fd7b2e41f447a03fbdd0	n/a
2019-09-28	n/a	exe	654ef32493ad0fc8f10229b1a517755b27bd0933f63524d7ebd1f5ac1693ca56	n/a
2019-09-28	n/a	exe	fcfc258973f9a15834c4435fdee090012f5cd6c5cab77534249d4227e708a2f4	49.28%
2019-09-26	n/a	exe	5c71bf53694dbe9d0315cfa10af74c7b09940bc7e420acd31935f202f223218c	n/a	Heodo
2019-09-26	n/a	exe	76e03c80c1f3e10230e1b04edcc38c43b6e09abd1131949e8649c61b0f8dc313	n/a
2019-09-26	n/a	exe	8592c2f4d354b3ab4e46852098efe9ef9cc86c2ef54194be51a8596349eeea06	n/a
2019-09-26	n/a	exe	1c4ef1c2d813bc27e978a52d89ab1f03bf5405f43244615dacc2458a3982733a	n/a
2019-09-26	n/a	exe	dc484470d79b5af7e511dc6c89c7416f93ffe9540dd97711e7ed964101c7696d	n/a
2019-09-26	n/a	exe	4a9382b4515331a8850f5b34a3be9b9981f584a92d6a02c1ec797bd2e28747bd	n/a
2019-09-23	n/a	exe	71972ba40f1736638d0f5756acb835bce5145d8988b9001fe96d930c9c7e44b0	n/a
2019-09-23	n/a	exe	e52df4dbfdffb5ea54388330d9ed723c3b45d3eb24453f14c55a1a7bb859dd00	n/a
2019-09-22	n/a	exe	fbd365095977410504e89f457c506c86dc38dff21b605bc49c550ab9c7c2a00c	n/a
2019-09-21	n/a	exe	c1bc96b5db1fc515a88fbf2438c0e84c5cd9de82adcab5f997f3971deca960a0	n/a
2019-09-21	n/a	exe	1e13384886104bd2c65f01c983e8e54400c5561a5100b242f8f7e51a78feaf84	n/a
2019-09-20	n/a	exe	b7d5c66725810c90c16eac28adfed02a40ea845d38f7a2ff2d6020c1092f21b7	33.80%	Ransomware.Troldesh