URLhaus Database

You are currently viewing the URLhaus database entry for https://4fly.su:443/search/NrRU1QOR77up6YK5/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2569797
URL:	https://4fly.su:443/search/NrRU1QOR77up6YK5/
URL Status:	Offline
Host:	4fly.su
Date added:	2023-03-14 10:30:18 UTC
Last online:	2023-03-19 20:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2023-03-14 10:31:13 UTC to abuse{at}simplecloud[dot]ru)
Takedown time:	5 days, 10 hours, 22 minutes (down since 2023-03-19 20:54:09 UTC)
Tags:	dll emotet epoch5 heodo zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-03-15	KhrLv2.zip	zip	893d4943146db4f539aa2366c4f2fca98fc628d540589254c8ab86d764fed8b0	n/a	Heodo
2023-03-15	Kb6GIEV.zip	zip	903112f973aefb508d09fa9945d7cd1d243c52ad09e05f9f581dd1c3ba1b686c	n/a	Heodo
2023-03-15	pSeOaYkiBF4SmpU.zip	zip	c631a9dd14ca4ddf2b94b5541e749e0595767bcc9cb581466e597230ea9834eb	n/a	Heodo
2023-03-15	DDKSQq.zip	zip	f3f3b6f8584cb65de093a44c4cb7f1811ddbddf4355dbdffb35fa74b04e332f5	n/a	Heodo
2023-03-14	HvZIr.zip	zip	670416298bf65b798bbf1195a4b235ed579e1c96cae6628e1a2d9fde1a2858dd	n/a	Heodo
2023-03-14	m4oqbnyhl.zip	zip	d657cc8c2fbff96e1c3fdf9474878f1b0e5e6d5d4284bfbd6345822e10bec87a	9.84%	Heodo
2023-03-14	kVx5.zip	zip	44ecbc3d9a52b4af26daac6c091026d51f7d00403d7574ac1ebcb604dc66b725	n/a	Heodo
2023-03-14	nos2dzoXjMn.zip	zip	04fcf6d62edff34fdc8a607a3da451d546e6c05932349e71e61ba1313ef993d2	n/a	Heodo
2023-03-14	OypILPSz.zip	zip	10e98b1a09196e4bce4508364bc4b96f7069701678d2087659b15fb239e96df6	n/a	Heodo
2023-03-14	SeHAwopBcJ.zip	zip	9b55dea4844bfbe56d5df75ebbd77aaf821a5bc65423807ef61de07bb3de8830	n/a	Heodo
2023-03-14	Jpe0eBJkwfW.zip	zip	a9de2a7fb170756cdeff00a4ed19574ffaaf1d59383728002390c8784764912f	n/a	Heodo
2023-03-14	RtIJ4o64JEm4uIFp.zip	zip	498c4a7c1c1ad66267c35639ed643dfd17922febec4360fcaf5459c06359093f	n/a	Heodo