URLhaus Database

You are currently viewing the URLhaus database entry for http://nissandongha.com/wp-content/KNzBUjpb/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	235402
URL:	http://nissandongha.com/wp-content/KNzBUjpb/
URL Status:	Offline
Host:	nissandongha.com
Date added:	2019-09-25 17:05:09 UTC
Last online:	2019-09-30 01:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	p5yb34m
Abuse complaint sent (?):	Yes (2019-09-25 17:06:06 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:	4 days, 8 hours, 4 minutes (down since 2019-09-30 01:10:43 UTC)
Tags:	emotet epoch2 exe heodo Trickbot

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2019-09-28	7f_7719456187.exe	exe	f4522dd3f93ce30b5b5d41f2d51f10eaa1468c52b33d3c475b8053fdcc6086cb	20.00%	Heodo
2019-09-27	5dfffsnz_7521048.exe	exe	7ff78cd9345622ae983b07217d323fde77d28819500dc292fed766bcfde35012	19.72%	Heodo
2019-09-27	mfp0_68690925.exe	exe	e9f63a01ad6f7e027c3a44afd8760a275fac979ba072bb41546746721345c549	20.29%	Heodo
2019-09-27	is_67.exe	exe	eb27fc9ccb3567a45f4d34d53e953eac92f6927836045dc2cd644e0083d8566a	20.29%	Heodo
2019-09-27	ofdjcgf_0388.exe	exe	e1b6c51f3824fba7276aafbee206b11f35a6ec06113bcb35547d3b3857f6e301	n/a	Heodo
2019-09-27	xf0zxbk_581099423.exe	exe	46933dbd2a7b38c439f93ca632f84071dd631b3838319758e2d6803c637ab968	n/a	Heodo
2019-09-27	q4w3yyh51_18244638.exe	exe	3a0a2f985e9766b0a5f346b48e1b4ab31584f47dad22eb9d966fc7e6dd28dc00	20.29%
2019-09-27	h1k_157652505.exe	exe	a9b59bdf1395f7275793421158548494d92646662939550080fe325673fa81f3	n/a
2019-09-27	cv0a4mjyb_12974347.exe	exe	d3d9f267ac7027bb17e111a775ce33a397da3c25e341b3bcaa15752a3778fdf6	n/a	Heodo
2019-09-27	0pfqgq7j3_07032522.exe	exe	52aa361de36de048bf8c25c127498dbf5bd740365ae4d4878968216120e703a9	22.86%
2019-09-27	pkj2ce_835915.exe	exe	e382932936528e924812e5967a25f9e0296c34edbaa62fa3e1cf0b4b37700f7a	22.86%
2019-09-27	v1h_01261856.exe	exe	52f419d24bb6eaf0c73fed496a4894e7188fa638d403e1f6302e9bbb79273ee5	23.19%	Heodo
2019-09-27	u2wymv_857433.exe	exe	403ffc45012019acdb891d071e1ad5a23beac91ea6335048cb0484b38662858c	n/a	Heodo
2019-09-27	t27dd_654263221.exe	exe	2ee9a0e132208680a26b69f93bab71c515ff63e50cd7bf62cc8bdf9f0c88b18c	22.86%	Heodo
2019-09-26	ow9_2.exe	exe	1acb5d5b29d5e7d5a229ca92bbe64c8493b307777a22a867510464a7965af6ed	22.54%	Heodo
2019-09-26	1zul1nk_8.exe	exe	683a17d8cff25be47700c7eb931113b45bc5245c6482f7e6b4cda4916e50d294	18.57%
2019-09-26	n20gms_5560801.exe	exe	2c220f98ed0039cd615ba05855861a09ff391502de244275700f76f9b4fba56f	18.57%	Heodo
2019-09-26	0vmsi_5474613128.exe	exe	aa05dff45ed5901f173aa35ed57dd05c6d35366297577724d86cc990f8e83baa	19.72%	Heodo
2019-09-26	xkow_91.exe	exe	3166c20398e8b0630feb70fdae280376ea2868742a46513739f946648daea6d7	17.39%	Heodo
2019-09-26	pt_05508342.exe	exe	e7f4bfb59f5f0f49b06708d9ab4629d43973ade4f321cd4b558aad32a6fa2b0e	18.31%	Heodo
2019-09-26	0_7003411.exe	exe	f9628302d27b05529ede9c1a7ee272adcbc96ff9046a7dcd6ac653c280fd8021	19.72%	Heodo
2019-09-26	etung3wad_55951775.exe	exe	3be0ea13e8d2d2b51bc9b6d93d4f40ab8ea3a9b779e1977d4b5bbea42dc4bda2	19.72%
2019-09-26	4dkms_46816.exe	exe	a63b61081d410f3665c6737cc793cb47596ae3fd6c0575cebb015f4679d2eb69	20.29%	Heodo
2019-09-26	yj7uhv_8613864570.exe	exe	35650eb7416c51ab0dc838708c2fe8d749380d86f9949fe93c44452c83e6ae6a	20.29%	Heodo
2019-09-26	3l_7.exe	exe	2ece2644279aca92a5d1669aabfa7c7b035bb5eb823dfc108cbd3eb950363250	19.72%	Heodo
2019-09-26	h3_893.exe	exe	5e82997acc74bc36a5a5cb687907e4cd30ec25990f1fc84f1decc68511821653	18.57%	Heodo
2019-09-26	403jn_82.exe	exe	ef7058035e83633c8e23aa4cbbfb945b8bd6757071051fdb4f7ac1402906da2c	n/a
2019-09-26	ls_8707722.exe	exe	655e07855df711ae45c48f19f2cb1336f01bd052ee2b565adeed18de1f11c17f	21.43%	Heodo
2019-09-26	vdb763uvt_2016.exe	exe	6ec56e28276012f14fb9731a34e0e08d214f16c65eae3641fbe6d42717817bde	19.72%	Heodo
2019-09-26	m9yg_64842853.exe	exe	7caf8a50625f60f94b269743546783a8bb1eda006492f4a13790647a7a3be665	n/a	Heodo
2019-09-26	wut_08944.exe	exe	7bdb7abe525c0f9ea07919080fd3f4f932658bb154e785297c09903f3a20dddf	17.14%	Heodo
2019-09-26	qg9_8709.exe	exe	af3a195b6d48e2446eb09ca02dac538efb3272580a178e8101c64e51ec5aa118	15.94%	Heodo
2019-09-26	v4vulk_0517989883.exe	exe	39ff3735c3d7ddaa3ab9ef6d0a9cd1f3a1090abccb6868cae06d23acfced4256	15.94%	Heodo
2019-09-26	f7hbis6kx_5175.exe	exe	e95514fbc8355fa4391c581e12c648f62e18254cad4424a6422ee084b09b571c	16.18%
2019-09-26	q_87894.exe	exe	af52cfd9273154600618fc968936324caffb55cd894a6cd46a477520e9a8f5cc	15.71%	TrickBot
2019-09-26	5w2ehikflf_5377.exe	exe	9fded043df87819dd9abad7469280a2227ea7fbd04dba24a04ac64a738e3747d	15.49%	Heodo
2019-09-26	10agx3_16985.exe	exe	cc2c31275b30872adfcea0a548e57fbdd16a3372e180666f57198d82f51e04f3	14.71%	Heodo
2019-09-26	nlcfj8c_1597.exe	exe	7752e4a08d0034275c0b0b3a816552c59b652f59af9c0e74278223094713e9bd	15.49%	Heodo
2019-09-26	300653w8fh_5573.exe	exe	294e8aecfd47535a36926d855612ef3b4abee6df677b6fcb03d84403a13fd500	n/a	TrickBot
2019-09-26	pf_8.exe	exe	80ff5bc7dd7ae7b0710f685eeb43004b42b58df667e47861a09a70fac7459dc9	11.43%	TrickBot
2019-09-26	mi8famyqm_5531.exe	exe	c68eabd43b8f840c9f3604a7e0cfeddf11893371e9d8c26656f49906c19a01c2	7.14%	Heodo
2019-09-25	feua5pt_249692502.exe	exe	da41364ff28e692d756c7f9d638b095c4c1e092c757dacc2d7d335351905ae4a	14.08%	Heodo
2019-09-25	2p_0417508.exe	exe	6a5576a1676ad0bb219b18eafb74e669165ac4f7037525e57c87d8d7ec7452fc	5.80%	Heodo
2019-09-25	8eg2_966.exe	exe	167bca1a060947567b027a98858ca6199a270a74f544d7c620e8abeed20cf842	2.82%	Heodo
2019-09-25	470_60.exe	exe	91f29c8521aef0e261ff28bc4824380791d63d28cf6525cdef6858157dcc210a	21.74%	Heodo