URLhaus Database

You are currently viewing the URLhaus database entry for http://megasolucoesti.com/UdgDD2851/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	431302
URL:	http://megasolucoesti.com/UdgDD2851/
URL Status:	Offline
Host:	megasolucoesti.com
Date added:	2020-08-12 22:05:26 UTC
Last online:	2020-08-13 13:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-08-12 22:06:06 UTC to abuse{at}hospedagem[dot]net)
Takedown time:	14 hours, 57 minutes (down since 2020-08-13 13:03:41 UTC)
Tags:	emotet epoch1 exe heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-08-13	QavW5Nsa.exe	exe	a23710f3f2d1d4d9cfa2d86f89a244cd36de96d437c8605d7100df7e5835acf4	n/a	Heodo
2020-08-13	a0cu9Pa4WU32.exe	exe	da182acd70b763fc7ae568b61c601d5c46eb94fd009f240eefc53bfc1e9c8aab	n/a	Heodo
2020-08-13	O0v284.exe	exe	1ee0eac7982df94a563d9f6a62fac6f07818f32c6471b5c82db3188b320f819f	n/a	Heodo
2020-08-13	jZt.exe	exe	24d516a53746ebdd401170891f12bf54afa03b6bcdd5365ec5c6125ce529de10	n/a	Heodo
2020-08-13	AdBarjGWaNcZuuhNZmP.exe	exe	4d74c56d75b618b92ab4845d80400dd977626234b65041e9a1ecd881ff9ed773	n/a	Heodo
2020-08-13	a82DIDbRg.exe	exe	d965ef957d158648bccbaab31c3cca12b4f26d190c38769a1c9e917418b24494	n/a	Heodo
2020-08-13	D3hMcI2saLFmfcWHDucB.exe	exe	f8b2bbba1f6667511a29360dc91a765c369e6d60ca19a7954a74f7a76467c974	7.35%	Heodo
2020-08-13	6BIMQ2Q827ib.exe	exe	3ab155bedcc6ee21bace40c70f28677c0d315fc6ce920ce714f62178ff0f71d1	n/a	Heodo
2020-08-13	6hSKpNOZI6KUHmk.exe	exe	22e5998c8363d71f38ae0d79526d60884f328a6c5549363324c6f4b6a3b966f0	12.86%	Heodo
2020-08-13	UjDk5m3XHC9QE1i.exe	exe	b7482ca38dfb6018bb940ca0150da698a8fd89897bb2e3aff2b6be22c3ee05a3	n/a	Heodo
2020-08-13	VrXuvVuY1OmN9dtdx.exe	exe	11ec87c0feb9e05cae75e7ea665ba17748f8da20f9b927967f8e421efd42e414	n/a	Heodo
2020-08-13	WcgSrVIY5YjWvnL4sXO.exe	exe	d15f1401e79c3214c8fabdfe4e3b5e1fd316dfdc43e2c1613a133bf217d30b3b	n/a	Heodo
2020-08-13	9jncvItFRv.exe	exe	4dc90f30a1927b18a6ef8f8e2be4d77b5cd7ac6ab4dedeb7458dbff2f79e5712	n/a	Heodo
2020-08-13	ArJzHnIxMM9zgQn7z0l.exe	exe	cc197368b870271c97c29e1e934695b7ec82f8971036b523be5ca1d9ff877c08	n/a	Heodo
2020-08-13	OSXZKBQp7Go6qu5R.exe	exe	af512416e11254210942fb68a13bde90f9c309c5f6ee887baafb1282c9c75314	n/a	Heodo
2020-08-13	OiO.exe	exe	52640b586fd80675e89d1899a8638057de6babde2d46f86aed9e503587879436	n/a	Heodo
2020-08-13	5HtxvOONm1.exe	exe	8e40cfce46de1977c3741b8ec4b4244673807e97ddd03b64df3b8526023813cb	13.04%	Heodo
2020-08-13	q1UWd3.exe	exe	22e872213224110f56f9fbd7d32234a6ed33a31e987b9b95ad8b8dab1d6b81a0	n/a	Heodo
2020-08-13	qBPKdTLb600uAH.exe	exe	5fbaafc81a7c658228bee213d4e0b810fdfa7eb1be0769e5e075edd218266911	n/a	Heodo
2020-08-12	81gRXfRqrFrqJp.exe	exe	4bfa2726045be462e2c14d4c86baffa330a96e2326ae5ea0a28635ceefad0c43	n/a	Heodo
2020-08-12	nqpwi6ndCwAebACqIZS.exe	exe	aaff021793827a7e91d3a8494ba589b0a5bbb0f641fdaac22965ef8653a9e334	n/a	Heodo
2020-08-12	3H8pC2ZCOMTswubpQ6.exe	exe	b4ee58bf29f4bda044fba03a86fcd9214f61ccd0e26c4a6308615e285f512cd4	n/a	Heodo