URLhaus Database

You are currently viewing the URLhaus database entry for http://av2m.com/js/ekgl_a_dy4ntv/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	419830
URL:	http://av2m.com/js/ekgl_a_dy4ntv/
URL Status:	Offline
Host:	av2m.com
Date added:	2020-07-27 12:08:19 UTC
Last online:	2020-07-29 12:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-07-27 12:10:04 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:	2 days, 0 hours, 29 minutes (down since 2020-07-29 12:39:29 UTC)
Tags:	emotet epoch2 exe heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-29	xmikyji7w7uJ.exe	exe	7e9cf3723cb8d7bc7a1e7f1cec77db4c0b60db2e7b2dccf2e1062016287d130e	n/a	Heodo
2020-07-29	Osl2fxcWXBBa0o.exe	exe	d4e72093af11c1c69c4ce9c5f6e57cc64f8c2d6f6842e4119e4b5471059bbb7f	n/a	Heodo
2020-07-29	pImn8euDZ.exe	exe	b8ae2ef6217bea2ee5fa4408456e5765b8e2e4c25eafbcff5bc47c82b80b290f	n/a	Heodo
2020-07-29	75BS5apBne9OuF985A4h.exe	exe	9f7fc4ef3f14c956485847a1a2b8bea39a4f6cb53a535dbfb9b3ec87f5186e03	n/a	Heodo
2020-07-29	4t3S2EFP7HOwsO.exe	exe	0e5f3f9fe0f10fb231046ad66596d5e807d32df11330e7b2da79f38a60daa22c	13.89%	Heodo
2020-07-29	AgJiV0M.exe	exe	86b9ccd509a54fffa45163131e7cf6834728a41ff4caa77e5757e00f511d99c8	n/a	Heodo
2020-07-29	4kseUtL.exe	exe	9eaf252421e494f708bf536add853a47a213878de1437b339d97b0b869a01e2b	n/a	Heodo
2020-07-28	Hc43HGBNQoJ2H.exe	exe	f549f3aa8de6086949347dc8e67536ac3d189562a8ad282cca7b8cfffe271839	11.76%	Heodo
2020-07-28	Hc43HGBNQoJ2H.exe	exe	f549f3aa8de6086949347dc8e67536ac3d189562a8ad282cca7b8cfffe271839	11.76%	Heodo
2020-07-28	eqbnfFqD4Nx.exe	exe	520afc41beeff43d06f659a8b49d5f27e12152c91c95b3a5be8138a6301bf1f9	11.11%	Heodo
2020-07-28	wcQcXhdN.exe	exe	c195c10ad301dbeddc143022bd008de851a9098e01d332be06de378f92e82f59	n/a	Heodo
2020-07-28	E.exe	exe	9b2c454f44034783dd978afeb286be0a9d907f09b7ffde2519123dfb3a501a29	n/a	Heodo
2020-07-28	0XGQm.exe	exe	8873d862c54691707c5fd872931efcbe6d9789a0069c23f19f0540f6f21ea023	n/a	Heodo
2020-07-28	d.exe	exe	1b6b6ff4bf6691651abd13f38096341286fec3740e36050022c794d18ec8db6f	17.81%	Heodo
2020-07-28	BoHn.exe	exe	0aa36d0f153f496feade5e59ee510112ca7766a6e9338b2330c7e0965f9a41a1	n/a	Heodo
2020-07-28	i7.exe	exe	699d24dfb5245ff409fcd704af0b8e33832afe3222fd908859227e532f59dcbd	n/a	Heodo
2020-07-28	1sNuT6OEBcWc1M.exe	exe	1e241029ecae9deb8ae5068cf1910d2b1c95b336817d61afcb784b3c3e0404bd	n/a	Heodo
2020-07-28	P.exe	exe	0201e96128e7e5e5dfa48e3d7c1fcecaea745a0f2197b1489c30938a25d7b668	16.44%	Heodo
2020-07-28	hYg0iW4U.exe	exe	5021eae26608a8faf7d7dd1318dcdd2698fe4523d533c1274b6e9fb99833c4b5	16.67%	Heodo
2020-07-28	t7pU.exe	exe	e516457193193c0b9cd671bd3d675788d9b95dd8878bcc016d27e89711cead10	13.89%	Heodo
2020-07-28	vw8w39BIGrmzNvbof.exe	exe	d4d21fceda4cbf71b1a2f19d8103928414652ceaf2b828f8a344240d70fb77c6	n/a	Heodo
2020-07-28	b0h51u.exe	exe	4909b36dd1bb24ed57187dda6e2f8ddc5fe9e183a41e404a0e3866d7ed394b9e	13.89%	Heodo
2020-07-28	xBzexSxVYgvfnb3i1IDN.exe	exe	6d56063629e19fe3ef1a8c3e5344f864c751b459aa5517137c362ca441facde1	18.31%	Heodo
2020-07-28	ue9oF86tDr7Klp3.exe	exe	9a7a7b0b2f502613142ecf0dd348e59133d7afd760baa84af5133a5bb761f42d	n/a	Heodo
2020-07-28	Hlt.exe	exe	025bed95ee9ad1897c61cadafcc8c12d1a2316904ffbe0c412cf9a13c7de2d37	22.86%	Heodo
2020-07-27	Z5QTZlS.exe	exe	db197968a3f10e24168e0ab694f19beec99f806b7d471fe31bd032a03c3c6795	n/a	Heodo
2020-07-27	dGGX.exe	exe	026c40840ea971b2f08195ae30cc3a46380ef06e94b73a7d41cb79fb8daa06a7	13.04%	Heodo
2020-07-27	cxxf6g0kh7XcTDhl.exe	exe	9075d19c524094232079ddb680edb09849b7c6e3de0eb369a56bc658c2bba8d9	13.70%	Heodo
2020-07-27	6Q1h2VnaRwXeUSl95.exe	exe	45f1b8bd2abea8bc4b3b899f8cf7418b135168b7f6ae9afef149ce7f78f5778e	13.70%	Heodo
2020-07-27	cvgMXARXVAV2.exe	exe	5f62d5737ec31fd307cd60306921fa021c8d72cdb202321ea0e82050492813d7	12.86%	Heodo
2020-07-27	F4gZ3PyKvxP5LQT.exe	exe	e92fe2bf2d9974fb13accf520f84d77d4dd3df7805c1ad77335517aa5c42e625	20.55%	Heodo
2020-07-27	oh.exe	exe	43516b5148c7c44567e0603a9f6b0accc7da9913771d7c4a9c284be06f60402f	n/a	Heodo
2020-07-27	fCWZoUclzW1c.exe	exe	d9fb20e49ab03c249380872bdd64842c1e80ebab6f79be771e2528518c1bafe3	7.14%	Heodo
2020-07-27	RtyFOpbEyRm5KaTMwR.exe	exe	0d636a0512c59a93a2517805fc4010443d7035c67e89c02cd22c7d8ae2b95cb3	n/a	Heodo
2020-07-27	t73g.exe	exe	92b631effa8c21130e64945fedb3332d714cba8f52654a2c2a3a139df07614ee	n/a	Heodo
2020-07-27	aGe45NAted6k.exe	exe	78378163b84749cb39657757cb1fed7976c5bb4cd575d0d7a709a2391cfb68f8	n/a	Heodo
2020-07-27	LbKaP9D4vgA.exe	exe	90c082e75babcc802028823835caf7249ad59ac3d7e50a28b2f3991c7ef5b581	n/a	Heodo