URLhaus Database

You are currently viewing the URLhaus database entry for http://onestepshops.com/cgi-bin/wwiDj/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	437504
URL:	http://onestepshops.com/cgi-bin/wwiDj/
URL Status:	Offline
Host:	onestepshops.com
Date added:	2020-08-20 22:01:06 UTC
Last online:	2020-08-21 17:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-08-20 22:02:24 UTC to abuse{at}godaddy[dot]com)
Takedown time:	19 hours, 51 minutes (down since 2020-08-21 17:53:51 UTC)
Tags:	emotet epoch2 exe heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-08-21	1gyA9WpARQR0RxaohiR.exe	exe	8034d94d6b8e2921c72908ccb73be48ee831caac42f31e04899aa0b4a72130d0	n/a	Heodo
2020-08-21	VwnpU7I2DDG65DK2.exe	exe	703f3ea4bba209856a62389b5b9ad2bc1f8ff5c5be6291a13c182fe8a059a545	n/a	Heodo
2020-08-21	O7ozwEFnqTPDaO5.exe	exe	7b78288685bf7836cccf8f5ee1ba2b97a47f8faccb4466f2ed6650e4d1cbfa9f	n/a	Heodo
2020-08-21	Fai5xFgOFiSY.exe	exe	515492623078b5669a754932d1d6a29eb253c95a002d9f2fdb29ae422588af41	n/a	Heodo
2020-08-21	5gdbA.exe	exe	cbdd790193952487f50f4a9c624b752d7f28a4e3bb03f2a5f2268dfbf52d6750	7.25%	Heodo
2020-08-21	Zocl3i.exe	exe	445971f1dc5952c86dcbc9d3e0cdff90594233afbd70a21005b23fd355294949	n/a	Heodo
2020-08-21	TuSKO11PW5U5JGJ.exe	exe	b7435b32181891915bbd2ad82e7026e9df266aa5e9cdb6b50ef4b205cfc8777e	n/a	Heodo
2020-08-21	eWlpynLkmD.exe	exe	75f222ce28472d1afd9450da6468200978208be5aa580c71dcdba2a317fca31c	n/a	Heodo
2020-08-21	e1F3sa02eiO4fshU.exe	exe	98e8dc397841e8662b3452e573646c22b6891d2ea58ab1953332330dba22dba9	n/a	Heodo
2020-08-21	Ypw2OiaNivzgZR0Bu6.exe	exe	a0eafafeb1091bbb9ea99347870b97f8b784bc4d1874a4a76cec9f329a7ff4cc	n/a	Heodo
2020-08-21	wYfm8W1AAZjY4K.exe	exe	f516bdbff1bac44b9746125fbe6684a9a434a2ce5b982a8c1c01088d3fe7e03c	n/a	Heodo
2020-08-21	kcQ.exe	exe	ba2178534954b3179669006f8ce5ead2a99945cc484cc8125779fd6156c51b02	n/a	Heodo
2020-08-21	GvjEspi.exe	exe	dcae520b039fd99f925639889c405e2150a85788a108ba102caa1550426cab2e	n/a	Heodo
2020-08-21	RIQHifYOaZfg5.exe	exe	29781b97e13e992dfebfb9774b59f98296afbf093e3aedfa2965fae8a2685450	n/a	Heodo
2020-08-21	HvzBzzAaxj3IGssO.exe	exe	c9bee79787db92bba35d9c9931393939f62737cccacb1a0b3d25379ef29c6ce1	n/a	Heodo
2020-08-21	6ZM70CcYJFy9pxUCKx.exe	exe	4d2f2049720fd39d521352f07deb4dd7af97c52950e40edb5a1896f6b05a2f34	n/a	Heodo
2020-08-21	YaeKLKcsZ0GWzfY525.exe	exe	3246b7e2cd26094c73a0845fe80903dc6356b710f8be28513f955cc37f1c7c86	n/a	Heodo
2020-08-21	iSBWT.exe	exe	0932bdc0a6f07ce8d2dae499f7cc1eb9290d29eadd90fe2d3366b0a1fb363bbd	n/a	Heodo
2020-08-21	4Sq2.exe	exe	6bf3427be27440021b09d8a63eb1eef84060f21ed5973911a538e3897983b5bd	n/a	Heodo
2020-08-21	dSTr6LtGvBStj3QZl.exe	exe	52ba8e1d97d6f4416864ee1ca0347b683c01100669ce36d29ba903b47a00d416	n/a	Heodo
2020-08-21	W.exe	exe	2aba35ae7f7b36094fd65ad4846a82c6f83bb7fab30d07e02a76a2fa34ed9cd1	n/a	Heodo
2020-08-21	U8y9P.exe	exe	064972b993e85ec122952956b31aaa3a31a83b1fdf5fed11863f84186ac3a737	n/a	Heodo
2020-08-21	gJXBmpzF.exe	exe	68feb2ad469ba174fe785f5d8ea43312a6ddafd6e9d0eec5a717562f1c266f74	n/a	Heodo
2020-08-21	TZ1mw6RtR5Du.exe	exe	2ce8a799fcdb90ee5363f0db8a5440ed5f5e5e0c31beb2a34e29454920f71e79	n/a	Heodo
2020-08-21	6p4.exe	exe	b76aa3f0b790319c0a42c44d9dee1f337e5f8308b816cefdceff8e2226637d20	n/a	Heodo
2020-08-21	G.exe	exe	432fa79432d65247348afd9c2f236cb73e1290216842f200d462f838450520b8	n/a	Heodo
2020-08-21	H.exe	exe	9a9f518ebf8120352c1c15c6dc9e7a43af22c1f21b18cbf4cda6376452338e7c	n/a	Heodo
2020-08-21	noDcYq72.exe	exe	cfabca857d3c7d9593f6a8db561c409bc6981d41f20aabc794df446194798772	n/a	Heodo
2020-08-21	b5nZeECC4.exe	exe	8f8b42b2348a4069df69fc8fa9ee47a843f8a53e576eb1f7dbb708f906c23758	n/a	Heodo
2020-08-21	tA7AogsSesxv3Pmtw3GF.exe	exe	4061bd1c956241b12cfa4110bd341187889fc03455ece9e2172d93287009f0aa	n/a	Heodo
2020-08-21	yKM8F8yx4uu4zEtmI2SX.exe	exe	687f36d362195130295b9afe966f14482378dee78d8b3637f5d0640e6ea10068	n/a	Heodo
2020-08-21	FEQRDbM7bI3ih6Zau.exe	exe	5a53bd008c08873653718ff90bfae056c8fc9f6ba7662486cb808d197228bccd	n/a	Heodo
2020-08-21	vnFM0nCUlkB4.exe	exe	6f340267b1a926e8a56873e4460ba694e1b22eb139aa3de404fcfd6578604c42	n/a	Heodo
2020-08-21	fJtAR4JuU.exe	exe	067b62f417d982ad183fce34bc892854662efb1357986170196fcd00960c3476	n/a	Heodo
2020-08-21	BSQclDOA.exe	exe	222e5d73ff9eb6ba65796141e568acfd53cd5393488ae528be07b5c9d60967ef	n/a	Heodo
2020-08-21	rcslrKQj6P.exe	exe	85f14997993a5f293f2d04717695980dd5024a2a301dbe08ca48c0c1b91301a2	7.14%	Heodo
2020-08-21	va1Gk4exsry55MlCJ.exe	exe	0010d9c06313cf613b4b839d7d343777638c1cf072f29136a973aa87beac4ca3	n/a	Heodo
2020-08-21	BS6Dzi.exe	exe	7823aa064c19433c5b49ba217efe922113597cfd15ea58f6e788464d6583e68b	n/a	Heodo
2020-08-21	Av4VvktTmF1QzudfKa.exe	exe	c3a30f18aecb1ee47fdd20c31cf91236fe9096bb15ce7b6e110bf1d8388166b3	n/a	Heodo
2020-08-21	7P7OlYrHDs8gi.exe	exe	ac867c524aa791c4ab418383ef3155d823551c56a0fa9af42d904f0a8992a6c8	n/a	Heodo
2020-08-21	xedEtbih.exe	exe	e99362135a79fe0bf716a9102fb63192d143728cc3203deb95320f70e1c4bec5	n/a	Heodo
2020-08-21	sMmR1UEij7.exe	exe	897d53bd9196df2a9e8bbd17d8375e96ab1f0109223a9eba799b0fb2a1263934	n/a	Heodo
2020-08-20	t3Xg.exe	exe	0895507b4e66ab64736d656014666620c96af18edf34b0b59eab2237289d179d	n/a	Heodo
2020-08-20	8.exe	exe	e71e47fa0fcdb1283fbee2e33f4ab2667b983d387aca7271aa0a50367132ce86	n/a	Heodo
2020-08-20	s9DO5dJwYh8KXeH.exe	exe	9008fd749da34149f879ce9dd04fd2918be3998410a8d2ff3dce66562024473d	n/a	Heodo
2020-08-20	pEV.exe	exe	98cc26e89352f5fb14438ff27d6e41dc078d033a4f0fd19daa4ba54696adda78	n/a	Heodo
2020-08-20	Ni1PP.exe	exe	d4b7eb0edf6f72846e31e9dee855ab55b9909644162cb9fdb51d53474dbffe80	n/a	Heodo
2020-08-20	Hi2F1VebW9kEh9yQ.exe	exe	7f0462d5532201c169ad5b0f29335710a39c64c5567181b4ea8801035ebf74a5	n/a	Heodo