URLhaus Database

You are currently viewing the URLhaus database entry for https://onetech.asia/wp-content/plugins/jv-effect/js/OUUtTo/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 262535
URL: https://onetech.asia/wp-content/plugins/jv-effect/js/OUUtTo/
URL Status: Online
Host: onetech.asia
Date added: 2019-12-02 21:24:11 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Abused domain (malware)
SURBL: Not listed
Reporter: @Cryptolaemus1
Abuse complaint sent: Yes (2019-12-02 21:26:09 UTC to abuse{at}amazonaws[dot]com)
Tags: emotet, epoch3, exe, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
