URLhaus Database

You are currently viewing the URLhaus database entry for http://mendozagroup.ca/wp-includes/qqiB/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	504824
URL:	http://mendozagroup.ca/wp-includes/qqiB/
URL Status:	Offline
Host:	mendozagroup.ca
Date added:	2020-09-14 23:41:19 UTC
Last online:	2020-09-18 13:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-09-14 23:42:30 UTC to abuse{at}iweb[dot]com)
Takedown time:	3 days, 13 hours, 25 minutes (down since 2020-09-18 13:08:08 UTC)
Tags:	emotet epoch3 exe heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-16	ObxrpQ3it8sSHb.exe	exe	0aaa0cd7590b585f59eb88a7a5f41e99c27034be771106d39deb43491a52f180	n/a	Heodo
2020-09-16	SXLwgamdiYH.exe	exe	deddbb549f50b75054c224ba7b44373a220117fea71ba0ee293a8d89c6a00a61	n/a	Heodo
2020-09-16	THhE0rM5ERZ0.exe	exe	1f8d574d49f36a77809f051b51b2f3e8c22f18351fe714e2436f5edf37932e3d	n/a	Heodo
2020-09-16	54kTMYK.exe	exe	e28c026b3e50b8d69d097a95473976fea77ec0b8f222fc43d544cff2d6e8a6ac	n/a	Heodo
2020-09-16	RQx39eXoy8u6AB.exe	exe	844c6d604e344259dcb954469365186791f3f5577d52e89dbc912fb768079843	n/a	Heodo
2020-09-16	JEnDJJvUY1WzzEOIAMpn.exe	exe	7ac9a6cad363081ca9cee561a47cf61fe87782de381114bc66303db46631132e	n/a	Heodo
2020-09-16	I.exe	exe	aac5ee35751b1ecd1a42ccd63068f6162c8beccb2905f1fb907f595645fccc50	n/a	Heodo
2020-09-16	pPf8JUhxnaQPzQQJ.exe	exe	83062af835be6a8826d71067e91a2f012fcb0f0f4ece99ecba5012142b149d8e	16.18%	Heodo
2020-09-16	SOV4Vy2htoWMxeE.exe	exe	b9779f4196297715f9f7d3a2c0a3de0bcf40ea995d0d3c73bbb3ef6422efe351	n/a	Heodo
2020-09-16	HLoaoNpF.exe	exe	1874122ffa87d27f7c8459fa713e090a7f1ee01137f6f9bd295415398e4cbda8	n/a	Heodo
2020-09-16	a0VXXTe7wmDoCx.exe	exe	11d4d0771fc3908ab1c9730295bd88a7fcb20fa76f99bd89746987ec42ae0157	n/a	Heodo
2020-09-16	VTl4ivxJ1.exe	exe	a0bff16e8d6821120ead4d0f65c123a2cd6a9e1cd9aac12f488a4085c0b35b71	n/a	Heodo
2020-09-16	DjeaFLW.exe	exe	811ea11f69346c2edd4d15597587a0a61d87a7a54bd666454995fe6b3b98c813	n/a	Heodo
2020-09-16	u.exe	exe	d08e3e7af8a38e5bfbf8e24acb33f3f98a1fc2d1ef9dc05d326cf00fb13b8f17	n/a	Heodo
2020-09-16	J.exe	exe	4554368f57b9d59a748f603f1b52e51a31fdef91a195eb04a81a318586b93bcc	n/a	Heodo
2020-09-16	iXWN9T12qccWv4VJ7Z.exe	exe	a57b3eae9cc69424ae434f281533443325b9bc8aa0dcec0b37250d2221e91366	n/a	Heodo
2020-09-16	xMi.exe	exe	7f95b2193998c4b6aeaa2647b9fac75374184bb0ccb943bf74fb6431963a9c67	n/a	Heodo
2020-09-16	fTZ8zfQ.exe	exe	2119957c5aae1b848ccc3bcdc3dffb359bb98fd63ade2344fd8dd91460b3adbf	n/a	Heodo
2020-09-16	hqk.exe	exe	4a51a76c8126cbdd7a5bd4508921cc637d9d6d02a794404b5daaca62086a07a5	n/a	Heodo
2020-09-16	hqk.exe	exe	4a51a76c8126cbdd7a5bd4508921cc637d9d6d02a794404b5daaca62086a07a5	n/a	Heodo
2020-09-16	BVhaB6n6yC.exe	exe	a5be54e74fb4cc06854f126928e954ef7520595735d99ab9db342438130ae04f	n/a	Heodo
2020-09-16	s7loLaa.exe	exe	928039e68bea23be37eaf09d93fcaf66cc226b8cf280ecfb7203f1d9699caa2e	n/a	Heodo
2020-09-16	2OP8SuffpvvBKTwGm7.exe	exe	ae637514a5aa78e72fa48ee9d0489beceeeecbf2bd208a95997839c2f17ad1d9	n/a	Heodo
2020-09-16	PMuosvKzH34e4AD.exe	exe	4ac119547bb63875cce9a631ffd317cb81ffb9bb002369cc5ddd7ccf08564761	n/a	Heodo
2020-09-16	elCCDgWyuB.exe	exe	34dc326bbe615d088df8b79873d21ada69bbaf900094335d132f41e244b6e476	n/a	Heodo
2020-09-16	IA3eOZ67ImpcojVSYP.exe	exe	2b4e767e4f1f0e3fbde0490e904242ee2d255b69bebff3a6dbfb071b88328a99	n/a	Heodo
2020-09-16	dF1tv0sDzzu.exe	exe	3280f5494fe4d5acb87b4d3bd3da4c8eac9a239f194d256c18499efff3e2cd87	n/a	Heodo
2020-09-16	DWbnAxDrK3S.exe	exe	796cddc7a2de1b1429debd4508727aac5d54e110c3887e6878f3b8e762caa09c	n/a	Heodo
2020-09-16	MSYUTc49dLxFRFiX.exe	exe	6d360c9272c8f44b0eda9306ddf2d20b0473a9fd2afe459db34f1f95ba8b729f	n/a	Heodo
2020-09-16	ovVqY8dXQzbaTY6cAAd.exe	exe	df37ab7a6e7e4b902adea9407bed8e0be1435912396ef4082cee01723a61f85d	n/a	Heodo
2020-09-16	NdNMy8hRkmSI4wiX1.exe	exe	8dd32b79141cfadffc8a9e16d0a67a6ce1ce936c1800090930b21e3ca1530c31	n/a	Heodo
2020-09-16	GdQnjtnQgSrQK.exe	exe	316c0bdbaa301a9cab70bfc3f967cabc99c5cc1aaa723d03c044e5adb95b53c2	n/a	Heodo
2020-09-16	h.exe	exe	2763a758f4a0300b9c069faa721544f04f72eec6c4a04f00e7c9230ae0cf5580	n/a	Heodo
2020-09-16	755AaKBoolCt7.exe	exe	223460329decdb0f1cf9094e5dab5045f114e16e56fa7514c8bab872ce3acd09	n/a	Heodo
2020-09-16	nPrd.exe	exe	b4bd0283360339a6196072a0ce2005be25744a14667a4e3cc823e977d82ebe90	n/a	Heodo
2020-09-16	sFQk0VoJ374uxM.exe	exe	2870dbd11f667cc15e3852c80dd683e2b9d4e5d70f14c2e9dd2b3bc2f94d5ac8	n/a	Heodo
2020-09-16	M091QwD6DZqWc.exe	exe	def78a0cdc3b129975876423ac65818145bd25248b7c1ac29ac72f9e0f6d1914	n/a	Heodo
2020-09-16	LMJ6EZSojXnkEOJg.exe	exe	829b21d9f72489f8c0a9ae0c2b255d2358ecf2930cf0f063fba95aee60d983e0	n/a	Heodo
2020-09-16	8OoKGbczb6xdT59w6B.exe	exe	faa34878dce3628c509fb27a298de8e5a8dceec355b3281c9ef6116c8d63d17d	n/a	Heodo
2020-09-16	CsaUpOVd7xEBJBKjK.exe	exe	05fd658370a0261cf745e57126c90dd431c6f512e87ef036c346a788e26318dd	n/a	Heodo
2020-09-16	MxkqOy3o6CgkSn9ZqSO.exe	exe	4021edb3ae16dc39312154aac57c62b445683a33ae6aae03f5c6bc3ed04ad2d4	n/a	Heodo
2020-09-16	CimUrgD7C.exe	exe	455c5afdb545f5fcb92b92e3f9189cdeccdc41bbc330f12204246c0dcfa3c161	n/a	Heodo
2020-09-16	POq6R0dD5ee45X0V.exe	exe	e5df81abc441eab7a7543fadab3f7ccebb0b777b952b36bd76e18d72a3e6519d	n/a	Heodo
2020-09-16	XkGzzNGiNPeoqh.exe	exe	a7f0465e14114ca30bb4eca47b60911c033f32134bbb940baa478cb71b361cb5	n/a	Heodo
2020-09-16	4bKwEnF1IxUWUuWczDEE.exe	exe	635249b3e6ca55a2a66da4bb278c4d9e0fe452d269c80ef23961bdf5592aabae	n/a	Heodo
2020-09-16	38oPPCVgVFztdrC3iQvy.exe	exe	fc45563007fc22fa961d3ee887e90c3911177fb525c1a63c2729707004a376a4	n/a	Heodo
2020-09-16	wrcTD1WX.exe	exe	fae78a8291faa1bc4728ba819d607e4d01d6219ec5dc1eca5007d685df67c0dc	n/a	Heodo
2020-09-16	JWlOOEGOmxu49.exe	exe	672befc54c78cd70e27dda6f478eca1bfd560b73e30de141d4dcc9bfa0b79982	n/a	Heodo
2020-09-16	XXmvnmSbFLOCCxB.exe	exe	454747bd9c0dd0fbb6b32e7bd0e292311a7aa578977ec1d3a0f0966f720237d0	n/a	Heodo
2020-09-16	vc7b9BLR3kZMI.exe	exe	03a74b9e6b2b42965d1289a1c37e57436a8d2aff635cab982a4834158e4120f2	n/a	Heodo
2020-09-16	7A6C.exe	exe	3b4aa1fcfd816b1b8a78ac9bc348a465b984ba61ab49b4b6677fed9ff98b66b2	n/a	Heodo
2020-09-16	op2ZhOpdgRZNPtGsnNJ.exe	exe	f25eca3dd91ec52a86c84c34e56a00f2b7b2fffa493100428659d9fdea5a2a44	n/a	Heodo
2020-09-16	nC8YinDdhPhDYRnv.exe	exe	409ce1ba42d06bfd070894ebd93b0e65785c4029995e81dce35eb1ecc7721fa0	n/a	Heodo
2020-09-16	xPcbA.exe	exe	a341fc39b29ca1f589f25c10433364c4b173a1f4294d93ac5d2348d6665ff4ec	n/a	Heodo
2020-09-16	7iek4m5W84iUZ.exe	exe	d1ccb6be64dc6831d0f67ec175933e717c80f1e4b0624989ab934919d29d9f39	n/a	Heodo
2020-09-16	VMN2S7mNpGlmbKHp1SaH.exe	exe	7a4057b2d95e4f887cb48c1feccc553f2ead756eeabfbed9089a6ecd5d969a25	n/a	Heodo
2020-09-16	03dqM4vumVVDxuqU.exe	exe	babe8c67de57e72103033bd8ae7c9b0d563b1c3d2eb0cde03e211c78ccbefca2	n/a	Heodo
2020-09-16	lqOJ2PzHeA8EV4bEq.exe	exe	54ac330ecd2f6b8c970dbd5cede5f77385e1cdf55acb622faca1f513f9b0fd05	n/a	Heodo
2020-09-16	h4.exe	exe	b777b5cdbb6b518ad76edbfc9f489ad9dbce2ea5fde840a8554c235b00394c9f	n/a	Heodo
2020-09-16	H4iiTQjIKu.exe	exe	455ac035ebedf9db38675bcb48ed9c2a49c9c53472ffef6fcd328fbe337f171f	n/a	Heodo
2020-09-16	aSGJt.exe	exe	4902d5c1887c1ec68e2332e9f500c04752528e70dea178cc295c84c41ae30828	n/a	Heodo
2020-09-16	j4.exe	exe	e7e28876d86165bcbb6212f23b449d4ff28f67387eddd5af78d17d433bc96a23	n/a	Heodo
2020-09-16	CmSzRpteiXFU0.exe	exe	4fcd7700d769f478b28dd8b0cf80c83b708a242bc9afe8c525aa4840f42451e1	n/a	Heodo
2020-09-16	AAVh1fOlUl7Li1HN.exe	exe	f39e22f1dad91816716db4cd818ab717e153e843e960e45941c8c3295bd53cbd	n/a	Heodo
2020-09-15	XIbMpJB.exe	exe	58333856212637faac73722eb640dc1539e0bf6298c1f1e6409acd39040cd98d	n/a	Heodo
2020-09-15	zM1zvIehqZpDHDghhon.exe	exe	61ceb2629b4ade5b713ab18cfd4facf328357ab1f428dcc1d566045663e1a795	n/a	Heodo
2020-09-15	T9.exe	exe	e2872ccd79abd4189921ae2fa4945c3294e7ddc41b1993e1e9100575ee40e993	n/a	Heodo
2020-09-15	52qF.exe	exe	4cfb77fca776b25b1acfb2f6faa0528b702975167d6bb9a772fdc98bb22aee5b	n/a	Heodo
2020-09-15	A7g2X.exe	exe	40daed7f6f2e2982fc769fed2149a6b7bd7cea16b2fa41060669093b097e47bc	n/a	Heodo
2020-09-15	RJnmT7RD9uZ.exe	exe	559475f7ba12be23dda4defbf2f1cd7f5bc99264fa0a2059419c0bea6c41d0b2	n/a	Heodo
2020-09-15	ZiFB.exe	exe	e3237c8ef273b528e53188b283cb3eee60763d3a91961a3d26389f3e8673b47e	n/a	Heodo
2020-09-15	wTCH7MNB8.exe	exe	011d37f9a9b9b3754c1569f7d2e4d9c8d1552b00790a4afacb6e9b2a87f70df0	n/a	Heodo
2020-09-15	6D.exe	exe	7de4c67c804ebfbf8687649f740cf5f320f22093764ddc9b132f6b6b0b89540f	n/a	Heodo
2020-09-15	xpiupPuyj.exe	exe	5a9948983966b51a6b311095e8cc12b531af9d5bbd21ac8b34fdd99d21700d47	n/a	Heodo
2020-09-15	qZC.exe	exe	2f7282e550e45905d6ad666f9673a646725e168e8bff3f99247f103949a28863	n/a	Heodo
2020-09-15	8B5iTbGhcxaQWsOWlw9.exe	exe	d645db4e16d313855e65fd6b0970ca207369e4173a332ca5fad6be65d779bc09	n/a	Heodo
2020-09-15	OB7EI7U4O7poa1olX0dx.exe	exe	67c154e6190694cc1bd0b03c105204aeaa60a3482870c290c2c3a518f887a44e	n/a	Heodo
2020-09-15	JyTAkSt.exe	exe	568e0b87c97ce5f329f22fdd62106b8b9124d33ba079f09f59b81066d057758c	n/a	Heodo
2020-09-15	NXfUEtpoKwf.exe	exe	fe1ae118b08768e87660adf107ca9c46feace1029a6c5eadc14fa077e87d67f7	n/a	Heodo
2020-09-15	l0.exe	exe	5d4d79f117868c3a1b9e60077b6dec5f9083584f86b0238f2e42dff472c2eb6c	n/a	Heodo
2020-09-15	ql.exe	exe	4afc571cc0f123800e04f9f36b6d14bfd1aa6063f460bee8a4aa9689c6752d42	n/a	Heodo
2020-09-15	gvEKfUafXpshWM.exe	exe	d40bf58dff064a986bec1dd86732c702bfc47fcc246cfeafa4d65d768d73dd7e	n/a	Heodo
2020-09-15	KCfr2v3.exe	exe	f3e3498a10a8b0051183d1a0f270ee734ea44f04fc2f7415d9225a9effcff1c3	n/a	Heodo
2020-09-15	CRfto0.exe	exe	6952b6f6d9b46f3cf8d9c13dbdfa09bb2df7eac56eea6186efdac068d0a99895	n/a	Heodo
2020-09-15	gXxrfvWyIP.exe	exe	064ef10eab100f81611b1226c851b8d27ff688c998b589e4c101f7743e5b10ee	n/a	Heodo
2020-09-15	LhGC2AL6.exe	exe	3085b2e2d36a04d0b2f3e1ab4c0110c3362f6637edb3105128e28bdc4fa2744c	n/a	Heodo
2020-09-15	kFZjqNn11Iil.exe	exe	4ecb65c341b9f95e32eb99933285647ce1dcf8f17bd9f2d122332d8870278b52	n/a	Heodo
2020-09-15	yRLkXwyzb.exe	exe	60a33ee86b088479924ccbf3ba9c010b660d46fce93047677196e9b5cfe0dfb6	n/a	Heodo
2020-09-15	EaI.exe	exe	e5db8ec999b28982edbd8d68e58c58c151019d8d5101e17d69c0953042f1ac56	n/a	Heodo
2020-09-15	3.exe	exe	62dec9f945a6652915564004a6fdb08bacc20ceb24a79a38317a4bd1d2a6f619	n/a	Heodo
2020-09-15	LpauGm.exe	exe	41a55ddc9b4e295216a37bf3b90ded7e809e2250403a3b917cb4cc1cd8764e12	n/a	Heodo
2020-09-15	XThCrasXK9fnSPp.exe	exe	57fb232bd2da9434d224b17deb66387d737d68102c06a1b0b518dd0d1ce6272c	n/a	Heodo
2020-09-15	hIFpJAx.exe	exe	a9d6261fd7bb4dae9dd2a5e933275caa3f2d863e7438c0e55296da714cfcf00a	n/a	Heodo
2020-09-15	YK0qXksooE7dxVli4IM.exe	exe	124641adc7ade41614184b89fdd3ed1d2cc0c1bd6048ef7958925bac8ae19cba	n/a	Heodo
2020-09-15	ja9N01dRLp1Rtq2mk.exe	exe	d50c26732932ee35fbfdfd622ac5cb91f919f370c02154ee929facead1c06bd0	n/a	Heodo
2020-09-15	mVkHcKRslbx8dwGyyy1V.exe	exe	97fc56869e6abac07978fcc35e8243f868c8c3dafcf0ad5e1aeee20711ff4fb2	n/a	Heodo
2020-09-15	C5MUz4NxY97kZTnggdLE.exe	exe	d6fbbcb9c9acd4dce7841c013f24bde5f63bf776e7951627729adce7dbbafe02	n/a	Heodo
2020-09-15	rTuxpuz8HHL0pI.exe	exe	d2695aaf585bc8f7ecc0d2e34d9ce410cfad290782489811c9072d977715aca3	n/a	Heodo
2020-09-15	s3D9bF.exe	exe	32ed960dcb9baa74cab40794ff1a2277014dbe7c715aa35806eb6636ea734525	n/a	Heodo
2020-09-15	2.exe	exe	21c06e499253457e63f36de9e14c9452164dd3c163926c9c13827db935e9fc54	n/a	Heodo
2020-09-15	6b87v9eYcKd2zEzHz.exe	exe	8f3fcbb34f9e160a8bffe1a0f78fb38acf3de7a8f9518c8580cb4dc1acca0b01	n/a	Heodo
2020-09-15	zfvcjRJKdU.exe	exe	062be6d96aa9c1dedc39d35a1af9c006f83352f75d720a433e25d9508f0ab16f	n/a	Heodo
2020-09-15	BBp188WJf7cKHhhwxY.exe	exe	1b4881f0244a21ccab07a686a6255a194fe934076a6f8b74e4fd688138649707	n/a	Heodo
2020-09-15	ZcfUbSCpEYbqNcL7jm.exe	exe	5d390ff6022fd2891a6259bc1c53a81c4a94db4d8a0a54f2596daeb3e93c6f02	n/a	Heodo
2020-09-15	gG9duOKoih.exe	exe	14fc2ba9659a33f5d4dfb4534bb8b9f9997223ae9cf96850ee85844731f145e5	n/a	Heodo
2020-09-15	UbhTxSVaw.exe	exe	e206391a419e15e771bf3c5160da3cd3800acbd23c509f744e746dfce36d58bc	16.18%	Heodo
2020-09-15	lRLs.exe	exe	d2781699c52793b50d9213c9e8c06fcf382957b3b80a31318f420301d6ae8402	8.96%	Heodo
2020-09-15	pYttWj29sUixlYZXQ.exe	exe	6ff52e0eb98a807f5b09fdeae2d12a9cd877bedb9b4c4d734c8939ee15a1acb0	10.61%	Heodo
2020-09-15	jCcGalrMZ5Vi8eIomj.exe	exe	53661760173c704efec6cfb8c028c7ac2b3c587569a45ff94f2e83d17d90087f	11.76%	Heodo
2020-09-14	pwHimsjMXSyU.exe	exe	ae0626ca023c33c0119c973549fbf67d659c6630ec06cc91f72f4952ce9bdfec	7.35%	Heodo