URLhaus Database

You are currently viewing the URLhaus database entry for http://focusmedica.in/CG4YYrfcFISmm7Q94/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 2407717
URL: http://focusmedica.in/CG4YYrfcFISmm7Q94/
URL Status: Offline
Host: focusmedica.in
Date added: 2022-11-11 08:32:10 UTC
Last online: 2022-11-15 08:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (Ticket DCU100012175 created on 2022-11-11 08:33:03 UTC)
Takedown time: 3 days, 23 hours, 46 minutes, Bad (down since 2022-11-15 08:19:26 UTC)
Tags: dll, emotet, epoch5, heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.
