URLhaus Database

You are currently viewing the URLhaus database entry for http://uklid.ir/cgi-bin/8v/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	299266
URL:	http://uklid.ir/cgi-bin/8v/
URL Status:	Offline
Host:	uklid.ir
Date added:	2020-01-27 23:40:41 UTC
Last online:	2020-01-29 11:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-01-27 23:42:10 UTC to esmailian{at}hostiran[dot]com)
Takedown time:	1 day, 12 hours, 16 minutes (down since 2020-01-29 11:58:33 UTC)
Tags:	emotet epoch1 exe heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-01-29	VUmVemv.exe	exe	208120e6fbc2224daa8fbbc7d558890e7fcb91f00c07c8b125d89dca7293853b	8.45%	Heodo
2020-01-29	La9rm71uP56tWJz819r.exe	exe	3c74ab74f1072f54cad183c16cab778112f48acf37ef00e76424fe6b78dccace	5.56%
2020-01-29	ev7.exe	exe	dca99a41357eb22ae2c9807a601a786d75c8f238ec2a70dc5b4f53dbe741c0f1	4.29%	Heodo
2020-01-29	jClhaLO98gsQHzRT.exe	exe	bad78dcf2479af052f3689fe8928c8f187410f6874a8579fdbd079956e42b6f3	4.17%	Heodo
2020-01-29	xesM7QfNJg6n.exe	exe	6987054fd44e5673a7646c21cd5f039bafc2762c041418e4eb33cc6e4675b8b1	18.06%	Heodo
2020-01-29	5yIV.exe	exe	71d8a7f4aca59576ea0cc59fbf31d253073aafc2f36257344fb336c754657a85	18.06%	Heodo
2020-01-29	zpq6vat86k.exe	exe	5c5b9379e799c31a8ade699619d2c9da73c055629c43afb209c21e618317ff84	17.14%	Heodo
2020-01-29	S2MMS.exe	exe	811fd1684894b75d6a54d6431aad003ec5d5a3b6196c759b40a07f50ec199c7d	15.71%	Heodo
2020-01-29	Jy2LJyuOrfRksxz6IU5t.exe	exe	8750a073c59e2d57431381a9c624e10cc500146b2b28f36064504b519db286d1	15.38%	Heodo
2020-01-29	ld5kyDPIWsCUS4m.exe	exe	f275691e64a6249af58a37b247e9ccaccbe501bce380847ab4501e53a961ec01	15.49%	Heodo
2020-01-29	m9l8iUuKrUZvYfDco.exe	exe	a9654ad0a440e6d969ada68d0dfbbdae66d9ae80d9b3cd642a65773aea5536c1	14.08%	Heodo
2020-01-28	OEdc3PDrsr8HAE.exe	exe	a19f90d7f671d96a7e83706d282f425662402b909d9074ab5677d121426d5244	n/a	Heodo
2020-01-28	Qok8C1aKsE16E.exe	exe	954ab9a02eff5371d5af9e3bc5660549d11fb023964829d3eac86651648af25a	14.29%	Heodo
2020-01-28	UrA7B.exe	exe	2f78a37284ed6d647bcf29e7cb492ed1bcb2089469f76fb4126fe88adc839e7c	12.86%	Heodo
2020-01-28	YsaMxr0pC3ib.exe	exe	58721404e9922755ecabd41046362e5b50d83e5e01a728272bad6f4f09c2bd1a	n/a	Heodo
2020-01-28	Tw4.exe	exe	016e4ca10ce0411a6857da89b070a95814118384b9b0c0ed1c83a8e8c907192f	11.27%	Heodo
2020-01-28	TBpBmCWyVshU2.exe	exe	680422d3243c9a46c946bfad3defe701bc2a853d1d542c2ecfe49b7a16f98b42	9.72%	Heodo
2020-01-28	jMrYL7eFpXnIwkt7Glll.exe	exe	d544b58a27f955e7ce826ebb6a5d8e65d6bec09456dfd08a578d0cf007ecbe84	7.04%	Heodo
2020-01-28	Ax5kz8fLZb3Udn.exe	exe	1ec7ae08b8b56deada729f05e184eac4c5f7ce22f53bcffb09b64f03ca923a07	19.18%	Heodo
2020-01-28	WvR6LqzQ7j3Yg65xC.exe	exe	29325039b80138e6f16e7a09bcd955377de101627d5fc4db2e3db1995176f0ad	18.06%	Heodo
2020-01-28	PoELmeyp.exe	exe	e190a1731ffdd4f21587daa53d69be566537938697dcf86e34dfe36039b1295b	12.86%	Heodo
2020-01-28	HiWdhAbdKBgboy.exe	exe	eaf6533bc3269689c5ef00d13e5e552d0e87eccce8799afd047eaaa0bcdfdf66	11.27%	Heodo
2020-01-28	zh5Yx.exe	exe	83858b913538280e287f266bd5dcf249bc463212f97e52377b22b1d06a262e38	12.68%	Heodo
2020-01-28	w87UwArIE.exe	exe	a25eb57a4a90c0afc4bf29eae8541253ce6e8eb466bf7500e19451da7510ea4e	9.72%	Heodo
2020-01-28	H3lOhdq3WmtYy.exe	exe	e26b71c44709978647315bb199ed44e08d1501c7e0d80c6d27b432c4e7bb2219	8.45%	Heodo
2020-01-28	c9chhb1Erm2sZd.exe	exe	79ebf19ddcfd18c18192ed0f798e1bfa8b203cfe9984af6b127c0a6a0359d9cf	9.59%	Heodo
2020-01-28	xnQ.exe	exe	78855e83d0ef3eab7af4b55eb71dad2d70eea0baadd61e672d27814adaf5b89b	n/a	Heodo
2020-01-28	6kAzNnYn3xfFeeAf9qZ.exe	exe	44662f68fcaf27944626b8efc081cacf9075e77d336c2ff39949f21a1980ec6a	n/a	Heodo
2020-01-28	eEg4jQMtXOXX9aOxH.exe	exe	e4db0a279ae928932e71129ecb812d0055090aac3c62ec2143169b8a98d5168b	15.28%	Heodo
2020-01-28	MGl8L0V7felP4W.exe	exe	db0759f0fb0f8417d28df532733edf12bac9d1b04712d121d13be6e600a712be	11.43%	Heodo
2020-01-28	H66Uv56iOvsNF9IPVtf.exe	exe	a320a720067253021f9380b53d488976201a2ce0b6cb3fd90073e1adba3d3b78	15.28%	Heodo
2020-01-28	NddhHUbTdRRD5x1188bHT.exe	exe	6bc6b0550e5bf84468d45b27090ffa3362e1830f50742f20392c25f33c494bd2	14.08%	Heodo
2020-01-28	JQaaYnq63jEr1Pwr2r3.exe	exe	368e59e9b97ddbabcc097b7f4d8c4b7f48ceae6792eaa5c5756db7e5ad97e466	13.70%	Heodo
2020-01-28	j8kE3iSgEBaNGc3yZg.exe	exe	3ee0800be264f1a9549758cba762c253c36e5db1ffa656be698e5502db5bfe6c	11.11%	Heodo
2020-01-27	c2Z66Y.exe	exe	5bb62d58e54bb307e3ac44fc96dc50fefb72a39b885ab0e280271068c562b974	n/a	Heodo