URLhaus Database

You are currently viewing the URLhaus database entry for http://shiftcush.com/cgi-bin/tlamvM/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	453275
URL:	http://shiftcush.com/cgi-bin/tlamvM/
URL Status:	Offline
Host:	shiftcush.com
Date added:	2020-09-04 12:26:17 UTC
Last online:	2020-09-04 23:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-09-04 12:28:05 UTC to abuse{at}dimenoc[dot]com)
Takedown time:	10 hours, 49 minutes (down since 2020-09-04 23:17:57 UTC)
Tags:	emotet epoch2 exe heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-04	G3cuXYnS0n.exe	exe	ecf75a280525c48d2e3c6aef0f1cac16e29bb39615a09f37a6d06adc1b2df839	n/a	Heodo
2020-09-04	lNb0IJiy9d6QIaWWi.exe	exe	427b2976e993b1b3121b298579f6e4bcb4fa6a79256e4d3ef545ab604a0e77c8	n/a	Heodo
2020-09-04	b.exe	exe	55f47d70a82e52bf444ab987f5058384f6c353ad59d06dfa9aaaff22356ca199	n/a	Heodo
2020-09-04	cK8W7uc1.exe	exe	03b8ae0e473ff462b563c6e063bf88e4ccaeb15cf7282184113663da8adad4e4	n/a	Heodo
2020-09-04	vI6zRzOqMZQNkZKyG.exe	exe	606cbf83987f4832245eec6c5a27f0e2eb590d0a6d0df1d0ec852fe8b5a7ed6f	n/a	Heodo
2020-09-04	sBi.exe	exe	615899e25d586a1515fa3ddfd5a5d7a603dc097dde60944d3c7e270c09bf6d09	8.70%	Heodo
2020-09-04	pp8viYIIpv5o7AiJRNTN.exe	exe	f98d4a2eca87e668d59b832972925eeb71a4e051b8db791a85d289d2de2bf3cd	8.70%	Heodo
2020-09-04	B7SyitchppzfvcjRJK.exe	exe	c11c1a22ccfd2eb5b9b2457b64bd37fc0d318610de713b0090b7e880d735f3bd	n/a	Heodo
2020-09-04	lHgS8W0X02BeN1PRDx.exe	exe	de5b489d2f82de728909f8e6d7897f3be339481d7cbb05476b481194f6f96966	n/a	Heodo
2020-09-04	cd1DMevRqMyZm0dRm.exe	exe	197f99e9f1af9625fe38e8bd8049fbf7b2d633986d4628aa918099549f1ee763	n/a	Heodo
2020-09-04	zSNIEErfRjWbgc5.exe	exe	9d16af5bb677af2e209d869c2826337bed455663169d4d449d021d5347845f1d	n/a	Heodo
2020-09-04	QjgXhhbUFsmIG3Dy.exe	exe	c245783cd7e22c887d5bd3276f33e3461b92ba68307c0bd6ed0a6788ab8cb93d	n/a	Heodo
2020-09-04	cpiCUcisCfm0DnpvP5dl.exe	exe	b0da4078b34a4f61d81bd513c2cc5f174868afbdc8cb554dd14c7c1e3d5c642e	n/a	Heodo
2020-09-04	JOwhylbIw.exe	exe	a59cc89593152a329460670f2e7c5b928349baee3e415478935b465ac655194c	n/a	Heodo
2020-09-04	6042JwryoD.exe	exe	1bc47841b03ad568aff403ed956d0d18180b6e8d56a6780d7474e743a6ef2636	n/a	Heodo
2020-09-04	3t8QFbzUQHrJmg.exe	exe	79ec47f08a5f88d8c9c91ab60ddd6b2fbb85db3676bb9349c07db2c2775a1011	n/a	Heodo
2020-09-04	qB.exe	exe	8e9ae717543a63d5b8cd7d9dad575b7920b116b62bc7a02ff816b9e4cc3108ca	10.45%	Heodo
2020-09-04	GQlnOLj3.exe	exe	7b91aacdb528cb9564a84d4143abf351b2f8565405e1e96a2325e3939e126c30	n/a	Heodo
2020-09-04	ehd0g1K93lSq5rmE3.exe	exe	d888bd7d02cc7834864ea921c154cbaf6245b09b120a906ec6332dca44fd0ba6	n/a	Heodo
2020-09-04	7w.exe	exe	47b29f38ad1ed88da9baa7e4bcd38a4ea3c39518e235b1b7b3e2b532f06558ad	n/a	Heodo
2020-09-04	Kl7eCajNJ.exe	exe	b0c8d801b42a68f5ea169c3c92a0f238774ff6a213355f9628fd19c1104d6bba	n/a	Heodo
2020-09-04	mBDeB.exe	exe	6796db4b9b24fdc98949d2df732d25fab9534211535300db5a97d3050fc77760	n/a	Heodo
2020-09-04	yk0XwJ.exe	exe	b0f2a6124e20dcd682897892d48e3023e569b7b9d3ea23974df724a6881eb3f4	n/a	Heodo
2020-09-04	DI1TregR3gAkY8WGN.exe	exe	65639b2a6580c7fab5716ee7f996d27f1553f7a465436d52e553ca8c5bdc206c	8.70%	Heodo
2020-09-04	sNbg51QzbBn.exe	exe	996475dbbbd257ce5dbf2f4125b33199811ef9c227b005f8a480b3d044c747ec	n/a	Heodo
2020-09-04	xrYVuz.exe	exe	a57f0ad9aa8641166e3abdf66d83bda561506cd80a3e92efd2e33dab38a1105e	n/a	Heodo
2020-09-04	ZJ9M.exe	exe	d138cf439231fd572612d801f54a47c9d18384336e6106808f974fb839fc4cfe	n/a	Heodo
2020-09-04	wkcQJ0u1P1UhxH.exe	exe	0eb2386f641d453403899c23502e85533c7cb6574edd33a7c4dfc902c725b809	n/a	Heodo
2020-09-04	Upp0HOeS.exe	exe	29003bc6676250a89dd6834f4289d8bdb82c44412183b2e9ec0ce5e76b203f5e	n/a	Heodo
2020-09-04	IzpvVRlUSf.exe	exe	755ced8f99b300981f0ba27d897138e7a04e130017dac88205b7297ba700120f	n/a	Heodo
2020-09-04	Rooitj.exe	exe	8b9a633498afd2ab125e536342759a5130e99479beb558358f05d1ab001ac323	n/a	Heodo
2020-09-04	KKA52OqvCkui7K.exe	exe	4c6b481fee756a5c51d50145cbd20ca7000213679a425e7cf2aba47fb2296c03	n/a	Heodo
2020-09-04	lOC4kZE.exe	exe	da1290e96adebd98b8ca68b9feb9539aef2d943db740984c78ba85ef187eea1e	n/a	Heodo
2020-09-04	tQYHbaay0.exe	exe	26851f95ce8b86bd440ea2ecfecbaebd9d1f3371669c4a91d885c4272f6ac095	n/a	Heodo
2020-09-04	5IkZpR5kxm8E.exe	exe	46362cc3554caf8412afeaeaa49f9848310569538e646ee65e1d3b27240820e6	n/a	Heodo
2020-09-04	6bUpxjFdyf64zOa.exe	exe	d9ba12d8b41dfe0927ffc3f2224e438b1c8edd086cc7ee0c719957b6b9b3e2d0	n/a	Heodo
2020-09-04	Z.exe	exe	5a5675f4973d524c3559b93173f5f7a6549cbc614aa9214ce9cbd6d940dbdcca	n/a	Heodo
2020-09-04	YZd7tXnQkdw9.exe	exe	4d3adff11d529143c245bf0e9be13364f0a966b4a838dcb5dee7a1093eb5823b	n/a	Heodo
2020-09-04	cgCh6llUGSy4.exe	exe	c6109232bba5d0e0e0c42e0309bfca820bc231e3c95bccf324e7a9611bee3426	n/a	Heodo
2020-09-04	lJl.exe	exe	322815449716e0aa760ea7806c67e7a27249232039e4a2fe2f5556f4749753f7	n/a	Heodo
2020-09-04	ots.exe	exe	db1dbcd4b11ccc7964dc687466f244209daebf378345d7bed4e18504ccc09b33	n/a	Heodo
2020-09-04	k.exe	exe	9feeefc36ff1c5bb10a3762b053af065d2dace620349d264d696c7c37643e899	n/a	Heodo
2020-09-04	B17IcRxgvy4HtOPjMo.exe	exe	e52651cbc21e97238de451762009e3b891eb6970e43194ed93dbef7c2cb11c2b	n/a	Heodo
2020-09-04	gEcyO15d.exe	exe	1da8923adc326005efd669a2f79b8a09fe88c8cf5ace3682b4594b02ec6bb146	n/a	Heodo