URLhaus Database

You are currently viewing the URLhaus database entry for http://royreid.co.uk/wp-content/dCwG/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2405951
URL: http://royreid.co.uk/wp-content/dCwG/
URL Status:Offline
Host: royreid.co.uk
Date added:2022-11-09 16:27:13 UTC
Last online:2023-03-01 11:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-11-09 16:28:12 UTC to abuse{at}fasthosts[dot]co[dot]uk)
Takedown time:3 months, 21 days, 18 hours, 58 minutes Bad (down since 2023-03-01 11:26:53 UTC)
Tags:dll emotet link epoch5 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-11-111cMVZT15p.dlldll ac69312898aee5df56c61f4dc4d2d8d420d4bcc11e52375f515832ad59f3287an/aHeodo
2022-11-112qe5dYUrx7xZc.dlldll 9ef22c63cc475747e86f99697c4bbfed01a379de72b931f8b3f2ecf67c529fcbn/a Heodo
2022-11-11BA2PMw.dlldll 65c75de64a5a471017d4f72039ead1e108a4c980a875c266e1f57d5769ea385fn/a Heodo
2022-11-11GjdK.dlldll 293279568b6d473bb470507b1132a6d56c8d293e185960f5c25a39c0ac586c73n/a Heodo
2022-11-110EwEw5kuGnhF8NlM.dlldll 2421bab838bfbe338d876c6093ff9f117f3dce546898c5cec819cb12692c2859n/a Heodo
2022-11-11kKsdiUMWEkDLIikfgZL.dlldll 970ff6083cc9f52d72f02ac304aeb91f4cc1ea905c93e1029276e3298c752bb0n/a Heodo
2022-11-11irxF.dlldll ed692135ef73036fe77e1acb3463eabbc3fb3804bba57967d363433adeaac419n/a Heodo
2022-11-11eAubscdH41AOEz.dlldll 50ddde13a767ce332ff51be307e602b8bf94be0f3d7e472fd7b84dedc8231d50n/a Heodo
2022-11-11vfE.dlldll 0018d4dcf880ee376926cf04a783a285dd8ea7066413123ec4677da4768770e7n/a Heodo
2022-11-11o4kju.dlldll 4b62867082aa757b2f083bb158d5962baa2d97faaf1b57c32f132abb9f6bb3f2n/a Heodo
2022-11-11QNo.dlldll 1bb2c5743a412d9c19025235b2e8770ff0744c41f502a767df3c5a9424394d77n/a Heodo
2022-11-11bHtXGn.dlldll 5d6e62562d383da124c068d2b96a45c9a0869af8524f4aa64bb4bbf2a0686282n/a Heodo
2022-11-10DnWYS22A.dlldll 1abc50b9bc93b449e3e990a1c848a248807bcf5f0c71a55d94abcdf13e1376c9n/a Heodo
2022-11-10TMpFMGnNGiIRq94cA.dlldll 4ddc031ada809a4405098b2bf3fb4454d9bb460d182627fad8b5259b5ae29f56n/a Heodo
2022-11-10qUgTX7m.dlldll d9b5ca70094fe5b306b7d7549976dd930170dab7416688496d9619f46a0cbb69n/a Heodo
2022-11-10rEYN.dlldll 16c323dc5fbd798f43f0234f206f3275d5a867037742a519175abd0069f794d5n/a Heodo
2022-11-10LNHLdAMgkL.dlldll 7757972284084520413f8d0d2ece5ac59a5077d54dc0b48471d00f650e125224n/a Heodo
2022-11-10VXd0yoR.dlldll 0d06f00e672f16d12d277cfbce3a14de7f898f57ceb60a8ef52e2c95ec4836e2n/a Heodo
2022-11-10A9lNlnycoZ1E.dlldll f06c9fdfa238036de3aa9741a570a626633e94ec9e21d7e5fb3052327fecbfban/a Heodo
2022-11-10WRn2QX6a98nZqUz8ag.dlldll 1bf42b96ee175e70e334bd39cdb20105728b11540068d968af23ce0311e9494dn/a Heodo
2022-11-10pBE.dlldll c6ad2f1b35e4b3945335edf5bef2b417b18f7ce36da1cd9a3021661f4c169288n/a Heodo
2022-11-1061sxfrMbMm.dlldll c7e44b5c473ec63f9017161e88365a6dde5df05126c61feaac25816e7bb2d76en/a Heodo
2022-11-10xZ6KJe6LL1.dlldll 8afb72a23d1bb7a66d217e0eac6326a61b3bda4da356b9d2e0b7dc29550d3c35n/a Heodo
2022-11-10DfWoL9MrlA5Wv6qD.dlldll ed2ff6684156ea23fab9d59eae2d3bc4f4efda805e9b495b9f4ae559bc3ad18en/a Heodo
2022-11-10iaEyT.dlldll 4d2576d3c3755fd8d677e4e7e59e65bb01139c29e521562f90a5772824057878n/a Heodo
2022-11-106FBY3bKSdtsBD4x6.dlldll 58d0f01e01e9a381628b2251bad65fdeb7690eb6c31687fd9994b0b64e76fd32n/a Heodo
2022-11-10XfumxUP.dlldll 3e69d11b4bcd535c2603adeed8cda7fc1dfd5d1a1bc9436e2aebd3e68e093f4en/a Heodo
2022-11-108bO.dlldll 64bb10894d6d291630d82fd06ba3b58183dfe082afa50675125c3ed0cbf42baan/a Heodo
2022-11-10HOgefQc2PL.dlldll ec8406f9609cfbb83bbe6d2b382b7757b66bc7fa143bfd6df850dd68af7a054en/a Heodo
2022-11-10ujHZQme8AaPp9Ow8K8i.dlldll e9eeffa4f1159e5abbaa4994bd96b152ff52a4356de2e2695215b9783c72920dn/a Heodo
2022-11-10lxbgyTc55FkJPVS.dlldll 32aa6f291114fab8231e8b8dcb7a4b87605d89b0f0858f54049950779e468914n/a Heodo
2022-11-106eU6QrnmgTO4s.dlldll 0b47fa5ccfac78e556985184137ff853140bab3bda8c7ba3e08f9dc1d63994d6n/a Heodo
2022-11-10bzuCU.dlldll 355789909399f63cf400ecf40ad8619e600e165813ecbedeabeeed3a8b2d2440Virustotal results 11.27% Heodo
2022-11-10wOHGEs.dlldll 47a022e0215245ad7964822fcf43086bf730f775e56a28723d258ea084042faan/a Heodo
2022-11-10JC6s5INutAkQuYpMT.dlldll d51fe833e66786258d19db1edf32681a72ad6497817bbaae58c372cb00bd3826n/a Heodo
2022-11-10O3Jh.dlldll 3975b5510d8bf15800b8e3a311d986c2a57fff503fed27e2a4174d2c84f83fcfn/a Heodo
2022-11-09uTY4.dlldll c6011b580a4aca816ca90bba4317c74ea330fb061e53f35c34e71eea990f73fdn/a Heodo
2022-11-09OEsAe.dlldll bb986e22a79b14a597d266eaa7a5ab228a606cdce5d91a5444cac8a985703919n/a Heodo
2022-11-09VJjCGL.dlldll d7002621182e36376b38e3a519f8eeae79e0aa8971421fc69ee3c0792bec0561n/a Heodo
2022-11-09Vl4dmfa6Sg3rPq6.dlldll 5362ec3162431aa37fa5bccddfa4951bbfd437b9fe2c358de84c656174d934f6n/a Heodo
2022-11-09sxqEsE21ChfbEntM.dlldll 976a51c38a92bf1c301d7f6054fe84a2f7f42291dfab44e4ddb6a8bc887886c5n/a Heodo
2022-11-09Bm2r.dlldll 98887c6162da69b9a27f85cc91bb5aa22f6a73ffe43dba4d86ea12d1a23e54a1n/a Heodo
2022-11-09l8p53KtyOLAcwZXWq8Z.dlldll 57cba5d7b6b16c5e78b05561fd0c244d4b81eead3534399e1b145bf1e6102f3bn/a Heodo
2022-11-09caE.dlldll 34dcba7c6c254e1a7d986e877bb0696969a11ce6cdd6e21d08ed4131dc5cd419n/a Heodo