URLhaus Database

You are currently viewing the URLhaus database entry for https://onefarmdesign.com/cgi-bin/g_r_f/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	427001
URL:	https://onefarmdesign.com/cgi-bin/g_r_f/
URL Status:	Offline
Host:	onefarmdesign.com
Date added:	2020-08-07 06:33:15 UTC
Last online:	2020-08-22 07:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-08-07 06:34:02 UTC to google-cloud-compliance{at}google[dot]com)
Takedown time:	15 days, 0 hours, 50 minutes (down since 2020-08-22 07:24:26 UTC)
Tags:	emotet epoch2 exe heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-08-08	VtM.exe	exe	58814046bc0f47cba03d426edbbdd79c3105dbd6debc3d9f1031a2491c136713	n/a	Heodo
2020-08-08	16f3EN.exe	exe	2d85b5b21f507eb6b0e848fb2fd20fa13a454d1ed003d08d1a27174df9f18d30	n/a
2020-08-08	XwuIAfdO8q8uQQM.exe	exe	c2ce83cd2225e79a7951dc747c974729760cebffc6d141864a952ce0cb3d00f2	n/a	Heodo
2020-08-08	Sbv3B9VdboINOy.exe	exe	8a37523e46e6f4b108357ad4c66995829f275cf739d3a1963e5a69744e5b73df	n/a	Heodo
2020-08-08	NyOSiUpgr3uXwlPR3.exe	exe	6127fce34de3f85dfb648886e31d8b5086849607fa428b666814768a5d89201d	n/a	Heodo
2020-08-08	wugOqpXDGznWCod.exe	exe	421531f67ca856354afb1a6037f1dccaff54feb6afc9d62a2d4395358fa7f72e	n/a	Heodo
2020-08-08	Y1L.exe	exe	74a298683386da417b0d215b203e95fa65022e18e176f11bd15604a98b33c20b	n/a	Heodo
2020-08-08	V7CVUSdoDpQ95.exe	exe	9374ced8d66525bd19a8f7a24c0bfe277f768a601f724023700407bc0da0755b	n/a	Heodo
2020-08-08	6JN4Od.exe	exe	015ff1c36eb0e191b084cdd4b7d9b5e652b5a19247977aeb75be979559cd54d2	n/a	Heodo
2020-08-08	zFKclIxa7kCJ9h.exe	exe	5d7511e02d3371b39d669bc009d1643e00c5274c83e532e6f3695d0a912c9e85	n/a
2020-08-08	2HKme1tXjQuvhC2.exe	exe	ac25d9814fa6a99328b8aa9bd5df2df3673ee6e0f10b45a6cd8d80bd5474c261	n/a	Heodo
2020-08-08	EYYenMH3gb9sFF.exe	exe	959679b5f75a1df7fc74ae205527da75bfb1106d9579685174beb3eeadc01771	n/a	Heodo
2020-08-08	b5P24AFrH4vVWUnnYB.exe	exe	2ada5be4652a49ae72405db687923996339e2e177104a92977248ebe20139d5e	n/a	Heodo
2020-08-08	sxQlmQ6cYLWI.exe	exe	268bb8c7e56414c83ae774c7fc53286872fe44b87734de585f0f5251a73830bb	n/a	Heodo
2020-08-08	tLS84m.exe	exe	a150d996151368f427142b0e7f2ffbc2e067547262afdcd41c26001bae34fed6	n/a
2020-08-08	WqML.exe	exe	d87aeeda57d05bc25858b6b604dc9d8f19a5c0cbc6afa6656b6597d1dd74c8b1	n/a	Heodo
2020-08-08	1x.exe	exe	7c6e9554cb8e7e560d5cab54b02467f37f93b6d0ce7ee298fc781eaf30600334	n/a	Heodo
2020-08-08	kcCiJFJ.exe	exe	6ce6522aec751d48911be2b1282ed3397c69a7aa8531c207d50aec6f74fe82e4	n/a	Heodo
2020-08-08	Qvvf.exe	exe	4b47dcee37aa590563d86b2d8573c204b6963db9f8a35ae6cc3b9719b656b1f1	n/a	Heodo
2020-08-08	T3YTFQR.exe	exe	15490d613ce23363bae89b3bf318e2a19912b653288b98829a3d2bd5c76c84d2	n/a	Heodo
2020-08-08	2kGPU6pn0J2BaQPrAT.exe	exe	e7775bb8ebe3d60f582b4db676a940e5d32d5a4d459057cf6612606c83ee8473	n/a	Heodo
2020-08-08	bVKvEBxuwzA.exe	exe	0c7530ea5e0f43f8aa4245b2022f5de0d20737726da2d028308208e8bd1ff183	n/a	Heodo
2020-08-08	Sn.exe	exe	5172820c848a59c8cff84bc7c62f10c9ea8b9b3f0f64d4bd94f5de4a18cf4a2d	n/a	Heodo
2020-08-08	n45IbWv7tOhWQUatwyDW.exe	exe	3760f45803632885c0c6242e48714292270d0edf84d476f76e318f6441cf0345	n/a
2020-08-08	f.exe	exe	23fecf9ae662273577175bdac7608566c77ab5360b78fd017c8aaa88a16b9e20	n/a	Heodo
2020-08-08	QDudu3NqU.exe	exe	a172503528cb886036d8ea1dcb21fe93b10f7fe8c7be9ec0f8af83d945bd9bd7	n/a	Heodo
2020-08-08	3Qngb.exe	exe	2a4566ea6e0bdcfd234ff6bf3838613d841ceba58c7d5bb2d8c12002b723913d	n/a	Heodo
2020-08-08	u0p6UPAevfFVJOIaD.exe	exe	733b959bb657d2eba5309ca48d3c0f06ede092d734f74daeda051fa814828a85	n/a	Heodo
2020-08-08	nWlKL3PdKyi1goa.exe	exe	1f1dd7253cbc9811e4dc98787a0277fdf49f592b3573684b29737058e302f21f	n/a	Heodo
2020-08-08	vMm7GD71C6vZwDL.exe	exe	72c65eb62ebbf74327a9692197e8b09e09671c28bb5b6c3b5195e7db2a151c1d	n/a	Heodo
2020-08-08	6nv2LwE3JoZGNhIYOn.exe	exe	fc26ed0479d1414583359f4b50866299bbd614b3d2296ebc8625279c1daed44a	n/a
2020-08-08	jpZL0dyqnJtl.exe	exe	5585c8da6aaab97d909d313164ffa37e1ac316daf41191994dac297e09096859	n/a	Heodo
2020-08-08	T2wqJ9bE3wY.exe	exe	c9321d02c54c630c0afd11c40327b9038994852afa199ddc8fbc5e7edc6aafdb	n/a	Heodo
2020-08-08	SBVSJO1Mch5iavbWX.exe	exe	8ae182752c77603467dc3671f59986d0bb029283dd3d8ab262e8b60f00546c84	n/a
2020-08-08	HfudgO7jNXRHv1.exe	exe	6cf810d82201225262ebfb287e33072a0d8a17121f790e0713fb1a1fae5569dd	n/a
2020-08-08	3WO.exe	exe	7a34285d9fdb945aadb0d449dd1dc176ebf32f1afee360e7e1438597dcdc2062	n/a	Heodo
2020-08-08	9psZOfB.exe	exe	95e175337ee2272ac0a53a6d10f80b0dd46009bf002ffc4d6ffbe61c8aab1908	n/a
2020-08-08	zLOFS4xbmd0GlP0.exe	exe	da1cf3963cd1ba5eac9db1e2d67eb72f0412dacdb3282c1f081cd664d3dd5771	n/a	Heodo
2020-08-08	CyQe6WqO9LLzf.exe	exe	d60588400d08b16c6cc887c837e9fa8fa2c6075046a9532081b0d408aba4f8cf	n/a	Heodo
2020-08-08	H.exe	exe	2fe8d928f05f63b6222fbd6cce45b98f26287adf327deb01fb1add198b51c1ac	n/a	Heodo
2020-08-08	4.exe	exe	aac0b0dbc761e7be30d8e427cc3ff251b9d61533611334c1bc2c0a0a0acc72b6	n/a	Heodo
2020-08-08	gAupBCfcmRHL.exe	exe	1c7f6a1bc166e5d79965213441cf914dd4abf0c93b20f133b50ff848604ad146	n/a	Heodo
2020-08-08	Rz6ZaQaHxJjMvl4UDhCu.exe	exe	20e6c913187655914408d3858026dec4409d6061f3869c3c5436cf68d319d289	15.07%	Heodo
2020-08-08	H.exe	exe	b86d886c8589465391ebd8a4be21e22486c59036b07801e9c0d0ed42f5e94278	n/a	Heodo
2020-08-08	TLVR.exe	exe	e8da54f8e7aeaf78d749c3a34aa75c95d4c416bd4b96215d85565722cc7d6486	n/a	Heodo
2020-08-08	KH7d299FFEqwwARkVgQV.exe	exe	37df0459bda64df25ecbc480f7d202281e2e7187ad06350ba87c057854565561	n/a	Heodo
2020-08-08	GjzhUZ8.exe	exe	1bca925f87966ea65dc7bf0d98ecde998b4551809462f2406843d47bb7af002e	n/a	Heodo
2020-08-08	901wlJlDN9.exe	exe	b42b6c65f571b23e857d545e06ac3584ff06dd860eabed36a1f5adc7a0518dca	n/a	Heodo
2020-08-08	n2ZaiomzEfos93bkQjwV.exe	exe	aef51f68910785417b3508a16339aaa84636202e731d8b70dd665de7eb634628	n/a	Heodo
2020-08-07	CCBnL1HK.exe	exe	91de2d6affbd7f4be2378e304d1a4dec4871f5071466e29ce429cf853c6c2d68	n/a	Heodo
2020-08-07	lvosh4PCfMExDb.exe	exe	3a0dd87d625dda9eb052e8ad93213dc2cfaabc68b5dda1f0680637fc5ee4a710	n/a	Heodo
2020-08-07	WzwF2nwLo7.exe	exe	06ef6dcc3638dde13e31ef8c4055bd7184475aacd98047bc89214575579cb233	n/a
2020-08-07	xk8tv6Ppp0SvieqDyC4e.exe	exe	aaf414db874a298c08dec7ca96ab7e5da446f08e97207951bd633f90fec66800	n/a	Heodo
2020-08-07	l2hHDtTjf4USo8RMa.exe	exe	f9bfb6bb88f7038ac8b2a5f2edb3c77426a767119c7e5b517dfebed518ee07b4	n/a	Heodo
2020-08-07	KYy8bxP6PxgB.exe	exe	e8e67402f97639b4a0a6cedd94eaa20f32dd67467f6e8fce8025682d71e3d157	n/a	Heodo
2020-08-07	xgf5Q.exe	exe	59124db0cffedd00e9c24515c308dacbba87ccd3195bb0f1028078f954c58492	n/a
2020-08-07	tTHQkEoOOOpX1uyh58.exe	exe	270b0d016365bb2e885a069a3f34211bad2a77865762fcf1e647041b6b470658	11.27%	Heodo
2020-08-07	YuioncL9Mm.exe	exe	987e0e9509b2073dc30a697717571b9b4d1f9f90ce1d1d35f1513175eda1ce7c	n/a	Heodo
2020-08-07	HCIijEP.exe	exe	c5566410559be5332df0c1d6f4c672394e74e084bf8bb44d98266285fed5d2fe	n/a	Heodo
2020-08-07	Ly.exe	exe	fdc668454de5d4383a374f18e7afe85f98cbfea084fb7e0ab6c381ed8fd7c0fc	n/a
2020-08-07	PdhKr.exe	exe	5422869397ed03e5618f992506ce1b193e7c1994989a8f70bfac91955368a10f	n/a	Heodo
2020-08-07	yhIgYTUy2.exe	exe	894a323fbc4194036b768ac19be8416d90859b534df115d5e5f08eb4d3438fcc	n/a	Heodo
2020-08-07	8GoZ5SCnA70CXdV.exe	exe	0e77ac574baeb8ec9b051ceb2200ddf47ad846f9f9f051b38b53884aa58ad068	n/a	Heodo
2020-08-07	I3WKhBiinXPHshB.exe	exe	9244a604bf7c4b78c30a49b25caf9ea4ec5408ac59a57233e82433064f755f07	n/a	Heodo
2020-08-07	yUB38nnb1GDy3VgxXd.exe	exe	c65c55887b1c745419937588f771f0330416f755089d1a500ff14b019bce53ac	n/a
2020-08-07	Cm8.exe	exe	d4b7922ff4a760472721123fb3399d3b9c7620277fc5f56768964961269b9116	n/a	Heodo
2020-08-07	B56qKjj4x9gp063mT.exe	exe	895026b007fa23a01dd1bfbc0b7fe7b2fb347172fa09a86e9342f62ab6f593e7	n/a	Heodo
2020-08-07	Zz.exe	exe	9234c52ecddcecfab2465a3bb02ff180979b7ae0ae49f226890fe79055163ae0	n/a	Heodo
2020-08-07	jToO4QQiRKvDIje.exe	exe	c9c56533a3b757a8bbe022d9f5ba76a2d9e37c7f56f19c6e438af9664c98d666	n/a	Heodo
2020-08-07	ptKdq0FHpp8Btxy0.exe	exe	bfa6d0c04e81bd957cbf262ca85c57f25494eaf7014cde9ed28b8d74d025e007	n/a	Heodo
2020-08-07	0PVuSLVmOO.exe	exe	0ab7810971112f512a5d45cdb3584ad4870deff2d897e3885624407e1985f08a	n/a	Heodo
2020-08-07	RpUaX.exe	exe	c697e0ffd5bee8d5db53a8a053812a0548d0488c1e37d9e3152baa4ab0b63126	n/a	Heodo
2020-08-07	20BIQL.exe	exe	d0de76f87cc7320a7f05b17df534389c38a9564b686370f18d38eb11744e86ff	n/a	Heodo
2020-08-07	3VXBgg.exe	exe	bc6b668cc6e46e595641e54661be2474ad7e4b9120718099d2b3e50b12dfa48b	n/a	Heodo
2020-08-07	8tLUas6dy52.exe	exe	6367b87ef44d86d1c2ebb908f2db38f49ce580ef9b4adea6a15e923f8fab865f	n/a	Heodo
2020-08-07	xx8kx9s5Vw38.exe	exe	e82c0c2568f0dc4cc1c9406538087df372c003dcab1337500fc21e6b530727c1	n/a	Heodo