URLhaus Database

You are currently viewing the URLhaus database entry for http://wolfbird.com/wp-content/2ddcr_bqmi2_d0vmdgu/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 426228
URL: http://wolfbird.com/wp-content/2ddcr_bqmi2_d0vmdgu/
URL Status: Offline
Host: wolfbird.com
Date added: 2020-08-06 11:21:54 UTC
Last online: 2020-08-09 22:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-08-06 11:22:02 UTC to abuse{at}asmallorange[dot]com, eig-abuse{at}endurance[dot]com)
Takedown time: 3 days, 11 hours, 9 minutes, Bad (down since 2020-08-09 22:31:17 UTC)
Tags: emotet, epoch2, exe, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
