URLhaus Database

You are currently viewing the URLhaus database entry for http://watersdesigns.com/cgi-bin/XXRfKgf/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	426337
URL:	http://watersdesigns.com/cgi-bin/XXRfKgf/
URL Status:	Offline
Host:	watersdesigns.com
Date added:	2020-08-06 14:12:12 UTC
Last online:	2020-08-07 19:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-08-06 14:14:08 UTC to abuse{at}liquidweb[dot]com)
Takedown time:	1 day, 5 hours, 13 minutes (down since 2020-08-07 19:27:13 UTC)
Tags:	emotet epoch1 exe heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-08-07	JfkMSBbLN6q.exe	exe	b95f42516158d8b67985cc81883f19754845a4400598b5225c3fbed31b6daaa9	n/a	Heodo
2020-08-07	DzvBAA.exe	exe	4aceccc501bc312facec14eec44d61ee3e21daad55e5140a04d1bc528726a71a	n/a
2020-08-07	lW6PR.exe	exe	8cb9b305343725ff0366212e7760b87408929e29b519ea86bdc504f13b836dda	n/a	Heodo
2020-08-07	LFyyPVn4QDax.exe	exe	f9ba0c4810dec878edca0d90ec6b1907ce37b190788ad3d7f98faf94a057db48	n/a	Heodo
2020-08-07	nO5g.exe	exe	7c1b3e73a1d4519244b90b335bd1f879a70617a97573af34e30d061bd52f6e63	n/a	Heodo
2020-08-07	G2BoxW0h.exe	exe	49bc0e1bb7d14113251770882be447c0577e63be04e4c78dda3dcd2b36738201	n/a	Heodo
2020-08-07	E50eo93xaN79MkIHzilBp.exe	exe	489f9ac65bb1857d40ee7c09da0cb71d445d01db1edb6af134819af7d1dff089	n/a
2020-08-07	u6NxPNJk.exe	exe	6e5d56b974d3e33e984ce496f9e03b5d22cf160c48317a1621f8b60c205acae9	n/a	Heodo
2020-08-07	C77AGz9GDBRAol41Xime.exe	exe	07a63e2752bc914830d0de227222998be96381d24ba7aab09c813336ac6c3d57	n/a
2020-08-07	ThPbdwbmNwTU6AmeC790.exe	exe	b090bf9a6f037dccb0a30dad84ec714535e7b1bd4a6faadee821243612b15e71	n/a	Heodo
2020-08-07	XkNHdYUw.exe	exe	14aeb3554931c9e6b01b077c8c0a30e4655c5dd699d37b7491a29be555b270f6	n/a	Heodo
2020-08-07	hqLWdFsyH.exe	exe	d3abbd31563eed309656a122e59d2535f46d7bb1e3fd2edc366d401ab6c8910c	n/a	Heodo
2020-08-07	t9EtDhhipw.exe	exe	cb61ef1c62b708fc19900bd1625bedb6cf52706f9803d80ac3ffb48f043d7fe5	n/a	Heodo
2020-08-07	RmSlz.exe	exe	bb99f751132145b26f4d4e05093139d0761c34f507cfb92d2b5303870405f43a	n/a	Heodo
2020-08-07	gWzJoP.exe	exe	658051bcbc235142ccb8faa51d77e86363bee29c273467302ef17195b0dba87e	n/a	Heodo
2020-08-07	vCtu.exe	exe	d8d8e2e35606c7eb20fb8db0ec616077f616d3fc56409998d6735b9b6034a6c6	n/a	Heodo
2020-08-07	1CszmlxdoyWfDz.exe	exe	b765f154536b182b88c5ce50a2ed6e3cfb8c7a9374f38485a49d9ac6c3111145	n/a	Heodo
2020-08-07	LFzN2vCUsrdHdOJA.exe	exe	504b19e99156b916c1cc3b9370fcecd2a86b1aed1083e252120dafa0ca3de5c5	n/a	Heodo
2020-08-07	Iux0v3t9GFkrtNvQ.exe	exe	4efd115e729225b0f76fd2ad72a1dd31dd5482b3c8a6c093ff22c2bda836de47	n/a	Heodo
2020-08-07	oecyR0.exe	exe	36fe123de2f6c224bde392d05ee2d657390eae37e01c534467cf4759ffce1bd2	n/a	Heodo
2020-08-07	SKmtkgrrX8.exe	exe	3ea802d8133ad81dad3b169b22023970e93d3dfe4c65855bfe2e15fec00817a5	n/a	Heodo
2020-08-07	sKx.exe	exe	5188783ff53d67ab65e97104e83550d66db07a379f79c2d328208c0636e1b6c1	n/a	Heodo
2020-08-07	TMrOif6zKhhi8Ovrm8Tpv.exe	exe	d4e7def33133e95b12a7ffa4fa9a0238f5d479d624707180f2cbb51a732cd61d	n/a	Heodo
2020-08-07	ERHj.exe	exe	a265af6bf1bd257ed57dbba8ef5b8d8632cede2699579d030c3d41d894b0e7c6	n/a	Heodo
2020-08-07	ME4NK8.exe	exe	80964d055f805be573e8fe31727b28ceeb56ce9dc937a14f653a4cfae1fb55d0	n/a	Heodo
2020-08-07	G8G7opYc7wG5.exe	exe	b340d7fa69bb3d93318a956b6f0264dbc122dbb62b2daab8f6824e2bd0b29f7d	n/a	Heodo
2020-08-07	41EEE8.exe	exe	cbfddc2972fb00b56545c1b450514c6caf4c2065988a0c93310b034bd3b33280	n/a	Heodo
2020-08-07	xFl9VuQgrtu11LJJ7Zrt.exe	exe	0f90fe8d443c1d8892521091ee95f2e9b67dd80527b44e9b67eb38c5bbdfea95	5.71%	Heodo
2020-08-07	3YKJ8ZzodPXtvqOK.exe	exe	ce74547ae774474acf62649bbcb19dcb63d8930164525172719b2a81ed2e7ffa	n/a	Heodo
2020-08-07	Yr4TXy6itK8FD7.exe	exe	a1a9e85bb2e15657e15ccf0db793b10891dc235eebe930fa6bbb89f4def91723	5.48%	Heodo
2020-08-07	f03ij.exe	exe	324f856292c3925b015edee1df2c28428182a706ff298d06cf89f096d89c275f	n/a	Heodo
2020-08-07	aFdD4573lKof.exe	exe	6e87637a39dd31b76f5f65bbd4102b0f5ed0040b85a45e41bb5cc2b91f3911a7	n/a	Heodo
2020-08-07	lU2185CWVsENkgrS.exe	exe	1e4f081ba31c894d456fca5fbb80fab0ce7cc87c1240cfcda797e41759517616	n/a	Heodo
2020-08-07	2RpPfjaS.exe	exe	500a76212b3ab0bf2d480036f91360c0e886f310ed59b2b47c2904e0e4d41e77	n/a	Heodo
2020-08-07	P3VQfVRNNtyjAG2DaW.exe	exe	f9b76689eb17c1ae665987e9a2f05dcfc38d26f3a8219956b041487b968c9fae	n/a	Heodo
2020-08-07	7gLnWQRy.exe	exe	6ce2337ed32bdd74ec1ae18341d25573297eb4449b3c4f23551896615a6ad93c	n/a	Heodo
2020-08-06	LVLITQbOAhqnQuwvZr.exe	exe	1f392eb01b893e496b02ebc280119ece594a66865b510750921c1fe69da7883a	n/a	Heodo
2020-08-06	PkSBfrcybv2Fa6HRn.exe	exe	99bf5fbd8c20fb034f49b9e57144e8a20b60c8c8a3a7a19692a87afb498dc01e	n/a	Heodo
2020-08-06	iyTkmPqNuMiQwzBjkqFVM.exe	exe	2c5eddc5b7fff76e944fbe69317c73c6658192fde1d2922ea83ef843999b5a97	n/a	Heodo
2020-08-06	ERQUt.exe	exe	ce59862eb27ad5dc79ddc467cef0f71e9af1d1317083f45816362bc9dbac69cc	n/a	Heodo
2020-08-06	YcPNegN83Mmvv.exe	exe	6d1880762b30d45525069a2a7c609ba40795d3d582072fc702fb305fdea64e82	n/a	Heodo
2020-08-06	vfzgJaO.exe	exe	d23ccfb28aa8c5a787162114e60cce38e0ae9cf707cd07dab635befde13a66eb	n/a	Heodo
2020-08-06	se07XTJhvA.exe	exe	8df1bd2ba10cfb85682215e2d10a5c4549f5322e4664bb64c091c0a3b79be9a0	n/a	Heodo
2020-08-06	BTrkG3qhiTZPDG1F.exe	exe	7904bfd3eb40ba5b8a6a51056f6a63d89ba82d6c2ec08ee6ba5f7d2ef889ea93	n/a	Heodo
2020-08-06	i4yOWc6QxYvdd.exe	exe	1378bf81cd7adcda287ef90d206861b5dcf017b8d0db1e78d43b28403cb3b855	n/a	Heodo
2020-08-06	bH2EU5dRb.exe	exe	0ae194b6adb7940be2352e2af836e598c36e6f3a9b914bfa362661e1cb9aca49	n/a	Heodo
2020-08-06	2h0yxa0YmLtgOHJ.exe	exe	04bcce56d7fad29ba0f6584709cb6af980a9931358b1e35e467fdbf918cb8a44	n/a	Heodo
2020-08-06	I7MiDjahw6VyxYY.exe	exe	d3e70c3019bbfef8dcaa052884c35c5405bd57fbf597c8afb9ad4678b51e3e99	33.33%	Heodo
2020-08-06	aqWBeXVLjzhJ54HRz.exe	exe	57025594c38dc646befee20609452f5d8737a47816e05ab13bc8b31cb6b9dccd	n/a	Heodo
2020-08-06	yUA8DtGQ.exe	exe	fce720dde04236f160f63674c0939a7fccd3e8a9e05952983976908b8f71cec0	n/a	Heodo
2020-08-06	afA9d1sY.exe	exe	8122ffc5b9973ff00b57b79fc153eea53611e4fe3b285b1d4cf3c6f7e8d6b4f2	n/a	Heodo
2020-08-06	aSjeiybr7KdZ6Pu.exe	exe	dfbfb5ba00b2c8bf0741f490441dbbeabe31e4be3650e43f18283cae0c1f0062	n/a	Heodo
2020-08-06	zA2B539nHyKxPDP.exe	exe	2ba850df7245d328ba1a3d8f2b3ea2656a4182c49ddef8cceda86cc2819af9bc	n/a	Heodo
2020-08-06	LQ9.exe	exe	a77a26dd9cf714abd7260798cfbec825e81c90580b12c4ecdf80f25159004ef6	n/a	Heodo
2020-08-06	mPWUiRJAqrxQViasJ.exe	exe	36a981371234a52f048b0f9a42f1add9de5b48e5b64a24aed00f34d5d7eda25a	n/a	Heodo
2020-08-06	NwtKwJEPqdqw2YV.exe	exe	b3a63dde84fb84a95617c001eb68f90a254593a29899ceddddfbafe6d0e2e681	29.17%	Heodo
2020-08-06	dhftGjv06.exe	exe	b50cfa1451a5246c0d14c40b6da559c2c88815cb2a5a7d2a9fdd3b076211aac1	n/a	Heodo
2020-08-06	heMzzfnfH5qdemosT.exe	exe	c01c487c98820433c67ef97f057fee992972a369c442a1b7d6f02b2b11d9e9e4	n/a	Heodo
2020-08-06	ph8.exe	exe	ecbc139d466b80be281a6dce0c368555713860f77d3c10d019692d33319bb8c8	31.94%	Heodo
2020-08-06	PKD0F.exe	exe	43299dd838759e0a42fa566345a457c86d2a0c9462ad958103414533b7f18cde	n/a	Heodo
2020-08-06	AuDRIfQdzK6j.exe	exe	6c117864ebec57bc2125fad17bda9f082b81b8116853c79d9a0536f684ce3860	n/a	Heodo