URLhaus Database

You are currently viewing the URLhaus database entry for http://mjk-s.com.ua/wp-content/wr_pgu_kqegor6f/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	434662
URL:	http://mjk-s.com.ua/wp-content/wr_pgu_kqegor6f/
URL Status:	Offline
Host:	mjk-s.com.ua
Date added:	2020-08-17 13:55:47 UTC
Last online:	2020-08-18 07:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-08-17 13:56:06 UTC to network{at}abuse[dot]team)
Takedown time:	17 hours, 58 minutes (down since 2020-08-18 07:54:18 UTC)
Tags:	emotet epoch2 exe heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-08-18	zm8bDj3PYHx64HfMLL8t.exe	exe	39a467ab7796d327f8f8cc38451730fa99e9fff6959a764417a326210aea9508	7.25%	Heodo
2020-08-18	E.exe	exe	405daec27acccde13157ec711b1002eb52ff9215035585d02036f437b1a81958	n/a	Heodo
2020-08-18	6NbX.exe	exe	6b25f355238cc72a7ecc98e7f97eca0214392d658895dd7df76fa818cd170fef	n/a	Heodo
2020-08-17	WFwAL9IO.exe	exe	fc9379dd398ee4155ac8c23bf1aee96467e602abb16c705501d3dd6bcc38fa83	n/a	Heodo
2020-08-17	l683w5.exe	exe	d767c076c9983d57bc51390384ac970b0878317176271d776f8ed03de856a7e3	n/a	Heodo
2020-08-17	x85BdEZ.exe	exe	520fae1c5ce4384c9656bee6a99c60617b530ef3a475aa6d9747204fdaf7dcea	n/a	Heodo
2020-08-17	mNlSlRoLZcmuDR5m.exe	exe	ab59263329d05c40f62c18c3f21e621735400b123e59f15914ac697c9bdbce4f	n/a	Heodo
2020-08-17	eUQJLohXRgzUqqEK.exe	exe	f434093251de6723d7dd01bb76813eb4bc67757324190e8cf3dac38fda35f620	n/a	Heodo
2020-08-17	r.exe	exe	1a62056c1836469bc90afa3ac5ba7a34aa9331a50acd1d24f93f3e64e39f2500	n/a	Heodo
2020-08-17	ApqJ0jT.exe	exe	e200a9cdf785c764b2ebfbb94b9cf666fae8c7cd20112130fd78e75db4e9ce1d	n/a	Heodo
2020-08-17	nzxVj.exe	exe	236546dd2b691ace1b23ffdb5ef9878cec4b73f41f0d145c64463df70cbfb646	n/a	Heodo
2020-08-17	dNqRm.exe	exe	2641cbcc688c20044a7aed54246754b4c9e7075cd1bf1bb2c5daada7d7b50986	n/a	Heodo
2020-08-17	iRG.exe	exe	fa1a7515bedb22578281938c84c91da70a6737938309e1b0b66ba00b42f118ed	n/a	Heodo
2020-08-17	yjmq4b2WCVG1nphn3.exe	exe	e21336c8d8bdbdfa374f90e7a325999be70945d12fafddd3ebb7dfba03a4ef53	n/a	Heodo
2020-08-17	zyHgRnW6MH509Woqjo.exe	exe	fb267b421b18901e29c5eeeede9cb57e681922205ebbb8a024f9507e47b9044f	n/a	Heodo
2020-08-17	D.exe	exe	9b696b594322cbe5f230be64f3aae02ea4fde69139ec9f7aab84f4686d12e991	n/a	Heodo
2020-08-17	vDZaRTYG9LYvXH37APeL.exe	exe	6cbac8fb9be2697c2026d74c755222f9368c55a1149b1c3cc401289dc8cd8107	10.14%	Heodo
2020-08-17	S.exe	exe	806fdb36db015285eff0130563e5dfc9d96334a8c9535b33d2895d04709e961c	n/a	Heodo
2020-08-17	oOoJaR8RhPb.exe	exe	3c197c23acbdde86b71a51cc3d62ff432336102545593fc579c13e1972492f47	n/a	Heodo
2020-08-17	nOf.exe	exe	8010eeba67004d4b094cec5d0c75f70ba2ca798d172b4cd5b3d28e4b9926f487	n/a	Heodo
2020-08-17	wwBaUfsdb56t.exe	exe	f8db4a22b99c1c03490ef271da3543fbc87c3f9ba6c21121a0170b36c179f6f4	n/a	Heodo
2020-08-17	hVzuM.exe	exe	6672db67909348d36d27d5470b587515099296347c98a5a3b3d2da7c27fb72da	n/a	Heodo
2020-08-17	vH6c1.exe	exe	d7fcd86f847d3f768975b8a58206f0a1cf4219c497d360cab5205c11316c43c5	n/a	Heodo
2020-08-17	U7bU.exe	exe	fcf79977f9b917b675ca02c5c605817bf111b73c8553b4ef41941093a2d03dd4	n/a	Heodo
2020-08-17	zKhmdw3hwv0GJCKOYz2.exe	exe	883cf7777ef9041a6205000f9cc9e219913e0ea6a499e03de7bc47723e10dd42	n/a	Heodo
2020-08-17	ZOk18oE6cTIkpvw1c.exe	exe	ca674c11c432684d3c40d985da0b5668c0a670a8eb5186a2eb38cbdc794a3ad4	n/a	Heodo
2020-08-17	ziO.exe	exe	cd0ebadbc9f24ce45be9c3f9fbaf14c8142f2cb3f23fe25654d754c98817b08c	17.65%	Heodo
2020-08-17	QyxWMO6sPBWmITqY.exe	exe	6f2267db286f8e12727f7601e942ba6ef807d504ecc41bccf7d3c724738a2ce3	n/a	Heodo