URLhaus Database

You are currently viewing the URLhaus database entry for http://etawala.com/BACKUP/egNICnA/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	421736
URL:	http://etawala.com/BACKUP/egNICnA/
URL Status:	Offline
Host:	etawala.com
Date added:	2020-07-30 00:45:30 UTC
Last online:	2020-07-31 18:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-07-30 00:46:05 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:	1 day, 17 hours, 14 minutes (down since 2020-07-31 18:00:15 UTC)
Tags:	emotet epoch3 exe heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-31	gf02.exe	exe	03d40e6a8c28886ed229fe29030de83d593aafe2eb62a4f8fd9b593e8af0eaae	n/a	Heodo
2020-07-31	uier08313265.exe	exe	a59fdef0605248a3d778aedd02ad647097228728d9d5af217107e082e8f54445	n/a	Heodo
2020-07-31	xp28d284539.exe	exe	3389c831da07d8ff64fd5606d2c0e696eebd463bbf5b75c99ad7cac0e559bd51	n/a	Heodo
2020-07-31	b167tji6369.exe	exe	40b27fc8fefc9ee359e65f9f14647c17f4f723f080e0123354f63d5cfc20d469	n/a	Heodo
2020-07-31	zcgy485.exe	exe	6039f245c156db7edd4b009b60b0f945b7b1441377a558a7438bceeccb6cc8d4	n/a	Heodo
2020-07-31	xlekp3592327606.exe	exe	0bf755f0897e82d62b69f4ee330e2f7a25e1dc158c978a93656fe3ddfc3722a3	10.14%	Heodo
2020-07-31	cypum6.exe	exe	2338dd8d682631eb60c7645e781c2a60155447b679bfa724667650d7780d36ed	n/a	Heodo
2020-07-31	ifk879.exe	exe	980e2029956aae284012be23c76e89d1441d6c14836a04aec8e57f0b5d4a36ce	n/a	Heodo
2020-07-31	2xd960.exe	exe	aad68215da58059e6c30e25e948af0ef0969c7154eafe6aca9d78ee522a079dc	n/a	Heodo
2020-07-31	nwtyujlh8204009.exe	exe	f6a415bdcefa7a718a5cfeb5786bdda5c955127dd2d482ad7ab8c5be42b1007a	n/a	Heodo
2020-07-31	pl7.exe	exe	aaf5b6671c99f60989706b03c192946089d088985aafd57955fe6baf17e09a48	n/a	Heodo
2020-07-31	w91lclc85793361.exe	exe	8e01e7d6cbef1c4eb282186f7eee2b7bf3eec5704f0367f919070f59eafe8aee	n/a	Heodo
2020-07-31	zx9h7275.exe	exe	4410ac0a2b9a36df0ad4c6067f11c2991bfe07c04e59865be2f03572fe184822	n/a	Heodo
2020-07-31	9bxe4h7565614.exe	exe	711c1a95379826ab762a09dd109f1823e85a7d96b3b37462e55512269af8479e	11.59%	Heodo
2020-07-31	yy6egcf0p176360255.exe	exe	89c26fc72e9a2492ea1849a2ba9774a6ff94b07a0c29c88c9d70b86a637a926e	n/a	Heodo
2020-07-31	rkg84454515.exe	exe	297732c5eecea7e1969649e9b52fe86f593af7021976e93b527182ffd8f4c2e2	n/a	Heodo
2020-07-31	pba0yt797208268.exe	exe	419906660e1af498b4a4ef08f37a81733cb40111709863d0fa038ca13190206b	n/a	Heodo
2020-07-31	e1l982132528.exe	exe	f2f644cbd1ad363c5e21d8e81c0ecd707974da34b44eba2eceb81544312509e9	n/a	Heodo
2020-07-31	swo0c053141334.exe	exe	946def85da03a85bfd3aa42b39ce6893b9c41e7d33f0f65e435dfb694561fa51	n/a	Heodo
2020-07-31	7zbe13i2.exe	exe	dad62b7a9287355a3199a72ad2d360ed46f11c6a881ed4d0f4ea653d2393d57d	n/a	Heodo
2020-07-31	d8oq980674604.exe	exe	d78718b814a407b19b1cc1d0a21223e94ca83dae6f662efdbc06d7468510025f	n/a	Heodo
2020-07-31	2efufpjato83376675.exe	exe	6a254975cff92bda4e662010dbcafaf20ce40ca9c96bcf85c9a93a8bb09d9ad0	n/a	Heodo
2020-07-31	ry285908816.exe	exe	bd1d95aee19ee09f7b79f6157ec4fce0ae1896c209060a12bf2d12039918083e	n/a	Heodo
2020-07-31	0ge94z1402.exe	exe	ce328920740a4c019608eb9276937e7f54ea026dd491149e947a897edd3f30ff	n/a	Heodo
2020-07-31	aglsdm87546.exe	exe	56b225f9eace385f22bef1e0ef3d99bc49267ca539d36e337cdef0782985522b	n/a	Heodo
2020-07-31	x27ob5297.exe	exe	3c94573b6657095bfba441db53bf85fb1114779b2863ef089ec18550ca936bd4	20.00%	Heodo
2020-07-31	jts738.exe	exe	c4c95873c5cb8693ff5c518f77692a6a3d6cad9594418ff63401b0b4ccef6edb	n/a	Heodo
2020-07-31	s0qfa6gdd109.exe	exe	04db547add3236adc8308512ba11b4238c99c7e5b2bacc81fa4279a91007fa87	n/a	Heodo
2020-07-31	08n707.exe	exe	4add112b27567f6968a568af031fea1a89b51e6403d8901d76242be18c2c5257	n/a	Heodo
2020-07-31	ms24bkft305542060.exe	exe	80e0adf4262981175d1b261c1390ed9581dafaeb09379a5fc456c3600893ea07	n/a	Heodo
2020-07-31	732665856379.exe	exe	a86b93c6cdd4915ef092807edf050930992878b3ad8a9d0a341becb43ad3859c	18.31%	Heodo
2020-07-31	1ar49eq849250.exe	exe	20627e9a3e7595d6ce91d6794c5a2370d6acd516b04e40e0ce362f09b198c0a0	n/a	Heodo
2020-07-31	d7f9nlu898.exe	exe	1bdee3a51a7773e32c5ac325864ddfbc051298524140ac6d64ba4708381b0267	n/a	Heodo
2020-07-31	8vxto6l6.exe	exe	7ecd0421f935394fc47b5b6f9783fb1b00a183f153ff9b91bdcf43dae9f23b7e	15.71%	Heodo
2020-07-30	upl1tsezf163745078.exe	exe	8e9863cf0274e7aa8cbcda59673ac5b29bd3e6167a4e21be9b6c1e22f33230a5	n/a	Heodo
2020-07-30	gqksylbg877132.exe	exe	df9376c2c985e4325208fe0f99553f453f51bee5d938de307eaf9380ef61dda5	n/a	Heodo
2020-07-30	zajj844234.exe	exe	ccf2c012ef94114d035c924f085a583ef8eea8435f3cb79351468715f7b7c0fd	n/a	Heodo
2020-07-30	oex3186.exe	exe	8dc4061980e02f49a23b5b833bca3ca23debc1437a1c365bcc49142a6f7cdc6d	n/a	Heodo
2020-07-30	d0t137.exe	exe	a74d2709acff6af58db65d8fe134f547c9567501652ef93daa1e402a18cb2672	n/a	Heodo
2020-07-30	2a640.exe	exe	eb65d4330e00c84b7f80b208054ff6c5d0ca2c30499df7da6a1761fed77af758	n/a	Heodo
2020-07-30	8nj2t692407.exe	exe	06a87125ca65389497e3d2e5a207c5f5f37592d1265257a7fd26518e81e16885	n/a	Heodo
2020-07-30	vas15767477.exe	exe	1526586debde024f3ec060f21a406bfa484f082002f1b5bbacdec511c386a607	n/a	Heodo