URLhaus Database

You are currently viewing the URLhaus database entry for http://hawkinscs.com/F which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	36247
URL:	http://hawkinscs.com/F
URL Status:	Offline
Host:	hawkinscs.com
Date added:	2018-07-26 14:35:09 UTC
Last online:	2018-09-08 06:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2018-07-26 14:40:31 UTC to abuse{at}inmotionhosting[dot]com)
Tags:	emotet epoch2 heodo payload

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2018-07-26	16.exe	exe	2d67451585062c9a9112d354266e32d49ea58e34ca17fd1347b34685cc01a04c	22.39%	Heodo
2018-07-26	173491.exe	exe	4160645e863c426727f3cd42ee1d1fc4dece1f86ada622d8272d3af745723b29	36.92%	Heodo
2018-07-26	6.exe	exe	d703fc17d75b5d17b60e205a97873972e94fcc3c06a1fb0cb02e2f0b81a0a743	35.29%	Heodo
2018-07-26	76.exe	exe	f6d13b9d554735924321e0a3eac10016091887a017189ba4355b00d615fb7755	n/a	Heodo
2018-07-26	02.exe	exe	a4d70fc3843edde2ccef7c0900c1b2e4dbcc404359de07b443004095e8227354	31.34%	Heodo