URLhaus Database

You are currently viewing the URLhaus database entry for http://geevida.com/wp-admin/DhWo/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	533023
URL:	http://geevida.com/wp-admin/DhWo/
URL Status:	Offline
Host:	geevida.com
Date added:	2020-09-16 14:45:12 UTC
Last online:	2020-09-17 04:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-09-16 14:46:47 UTC to abuse{at}amazonaws[dot]com)
Takedown time:	13 hours, 50 minutes (down since 2020-09-17 04:37:06 UTC)
Tags:	emotet epoch2 exe heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-17	U.exe	exe	5ec63c3234fdd7fd8e92e45a3f0ef5fe86b44618fb638fad3daf360e931ddf21	n/a	Heodo
2020-09-17	mmYI.exe	exe	3b3a722b212cbb2dcc40fdf5130071401300e094a84b732d15e8f13f4f817aa8	n/a	Heodo
2020-09-17	Hc1rk0.exe	exe	ec2153ae450b0d5cd3c0d3370a4a9f9d92aba8d5a839dcae97d6194a6065c7c2	n/a	Heodo
2020-09-17	gsUtVWCsl7VqWdtCr.exe	exe	8dbfe450fdbe5dafe10bbb63092027b5f79fca7db32cac5b7fe315c0b59feee4	n/a	Heodo
2020-09-17	iOLkr2IcquClaDj.exe	exe	9fe1e1f59a67a101bbf73ecd75c889880fae37387a726ff72c8e2a99feb262f0	n/a	Heodo
2020-09-17	pN.exe	exe	b61a394683eff0dd7f17dfab4ff6f37a31c2f80f2c6f9e3d0850c990c6da25de	n/a	Heodo
2020-09-17	IykmpL6QOLK.exe	exe	4e021bd151ad35a7a2936a5d9b9c0366f8bd4a941763f43b4438cd312e2290cd	13.64%	Heodo
2020-09-17	53N7DMv92RexEFFR.exe	exe	74d93bfbc6db4cfddc4576236c93ba4548002e9b0e2f3049dba0e420f8a2257a	n/a	Heodo
2020-09-17	dV3ZUY9OWU2JCg.exe	exe	ca3515a88e63a67cf3da844c6cddb0dbbd8b44025742b18f0b8fdd1fb6f80d7e	n/a	Heodo
2020-09-17	cglJQ6oPPN2kejEYP.exe	exe	e1a7a0256ce4079043339ebdc00a9b936e5f33762d6513f1e8ec4ed8b431d25f	n/a	Heodo
2020-09-17	GyLXLW0bMNoha.exe	exe	4b2a5f55376c1451e084defc15de54f374440943c913e9ae84535780feea4920	n/a	Heodo
2020-09-17	DJOofYeQspqRlLMl6iPe.exe	exe	4bef242724cdbf798a7a90d7dd740ee8ea4747bf1ba784025e12db804900a749	14.71%	Heodo
2020-09-17	AHrhUWfQXZbs5USVu3.exe	exe	5775038f55b012ad36a696dc0c956d3331f35cb21d309032ca0e2fcc4e2f8ec2	14.93%	Heodo
2020-09-17	ocuuUCrtJ6m9YRwao2v.exe	exe	fa056fd32eb71a81d62c62c174e2abbe599c3a852ef07204402395d6310abe38	n/a	Heodo
2020-09-17	OEJrmLWKusmlSKAPzSN.exe	exe	d2238a3ec79277e85dae3c43cdc0bf4b7bb05e1124cc4fac05479fac1ca5d038	n/a	Heodo
2020-09-16	pxJx.exe	exe	d4e99ada9530f77403e0568c61a9b5ec59aea29a40ccc42ccd422b6056f66c4b	n/a	Heodo
2020-09-16	tdKrOgr.exe	exe	5769186b9efd6888475040667ef74d243ade3198d07f25d2aece375591f67a94	n/a	Heodo
2020-09-16	3XrrJWWt.exe	exe	ef580ae855ab67efa285367f6dde00fabd80826065382357995221fd1d342a63	n/a	Heodo
2020-09-16	MiBK7WLmwIY77AJGJ.exe	exe	27a50c3edd9f812fd1a2e74145676be09f227bb5f631e61ef0e8a9a8ca426250	14.71%	Heodo
2020-09-16	RIzw20bMjXjJyxbkHl.exe	exe	f2dac6e979a295051ef8c2baa1e7e04d694e69b3d021019a2c80b742bfe10e7e	n/a	Heodo
2020-09-16	tP1NaV4d1lAKfqQcv.exe	exe	b50e4611684f789bb7304596d62b584e0bf6feb87228b9509401c376ee2bf96e	n/a	Heodo
2020-09-16	pG2TY58Zwc69Tpscw.exe	exe	60764e14b016bf5bc78c78727d5942fbd24652de76dc7b841f071a22a1ba960c	n/a	Heodo
2020-09-16	WA8LaX1c1gr.exe	exe	af95a87727bf783dbd18f5562c51fb5a9dc39a23587dd1e23eb0322ce6c61b2b	n/a	Heodo
2020-09-16	1BJ.exe	exe	8806e7c6cec75474a7383fb3577bf1553caaae09f6a81e0009a23b1d8d52019f	n/a	Heodo
2020-09-16	IIukcJv.exe	exe	f9b0563d0d0aa2fe3e0193eb79f5daa816c27a335a41773a77aab0ff5a388ae7	n/a	Heodo
2020-09-16	OV9Afv8GS.exe	exe	f315b9e98ba7a0ada109102797942cd6b893579d8195eab91978844d8a9d5420	n/a	Heodo
2020-09-16	0.exe	exe	7a8b8cf4f132eae25a8693451421b1e08ce2267ab879815e5214bb3aaa5d4462	n/a	Heodo
2020-09-16	l6i6XXm0ia7KK.exe	exe	dbda8445e90544f52bef86aba124158952b6468f8af0881bc21587ba84383a7d	n/a	Heodo
2020-09-16	YWNr.exe	exe	c62a9910016ec5de9b5253c0af521702ab7bae5ef5c9d2d61be11aec143a6902	n/a	Heodo
2020-09-16	YV1Of2AM9rd.exe	exe	3e7625cd2b7513fb76fe5e9142b92897125d0b9622bcef2c16943aa398b9568f	n/a	Heodo
2020-09-16	fRZjvQWXS.exe	exe	f5468ba89f4a3793c698de8faf8226e84db5867d9062ccc40560739d0b4d01d0	n/a	Heodo
2020-09-16	WqIZ.exe	exe	35e1ca73c4e208ac3103ef31278447ab250f3b2219e0ec45c0fd83b92dad2e0d	n/a	Heodo
2020-09-16	YgP8R4fWx.exe	exe	c9869e337dce04820681c94e744623b732ddd91bc3a0bf93a9a78d5986f6303c	n/a	Heodo
2020-09-16	CuRnwJGkhM2.exe	exe	347ce8cccabe55a5be417aa03204788aa3217677632bb52fd0cfc3c3ae24df5f	17.39%	Heodo
2020-09-16	w2fOEmJ.exe	exe	99f6f7770571b12f65b69f6635a84024ffd2b235352808c04c165a787727f4db	n/a	Heodo
2020-09-16	SGYIOHHybLtQ1zAiz.exe	exe	7e86e101e5b5665bd0274273b1053e94331286277049913160954e4c079c1f71	13.24%	Heodo
2020-09-16	BKihkkzsHk7BTjo7.exe	exe	3bae879429a385db398584cc3567badf038cac6e540ff2dc250bcdac314fcd12	n/a	Heodo
2020-09-16	VaYNHj2pcyJ.exe	exe	056ce36f035cf2a520efe808181e69714d348790a584aabc8fafc85a541965b3	n/a	Heodo
2020-09-16	pi.exe	exe	95bc2eed9c07af5d3b88dc5337358581cba66d54c0ad3eeaf90903aa8b196a8b	n/a	Heodo
2020-09-16	Ai0ttPdEO6Ef.exe	exe	484aa24af795354ee536474f8e562bc3d34f336f0441f24f6ddde00101ae5f47	n/a	Heodo