URLhaus Database

You are currently viewing the URLhaus database entry for http://samatechnics.com/_scripts/DWxipw/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 451313
URL: http://samatechnics.com/_scripts/DWxipw/
URL Status: Offline
Host: samatechnics.com
Date added: 2020-09-01 21:44:36 UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: No
Tags: emotet, epoch3, exe, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
