URLhaus Database

You are currently viewing the URLhaus database entry for http://it-eg.com/s0tZci, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 58010
URL: http://it-eg.com/s0tZci
URL Status: Offline
Host: it-eg.com
Date added: 2018-09-19 14:27:16 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @unixronin
Abuse complaint sent: Yes (2018-09-19 14:28:12 UTC to abusencc{at}interserver[dot]net)
Takedown time: 1 month, 15 days, 22 hours, 44 minutes (Bad)
Tags: emotet, exe, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen | Filename | File Type | Payload (SHA256) | VT | Signature
2018-09-21 | 3597987.exe | exe | f81e33e1cb46de8810ea6465d0bb2a77375ec0a4b36f25fdf23805f93609fc76 | Virustotal results 29.41% |
2018-09-20 | 90.exe | exe | 29917a77f6ae29440a95ec64b25ea3e1ea594a235500d63bec3a49d373e5fcd2 | Virustotal results 23.19% | Heodo
2018-09-20 | 45680.exe | exe | 775c6e705f49f3bc5c3afb95fb3e383b0b55260298efb91a02fcfee7003f3bd3 | Virustotal results 23.53% | Heodo
2018-09-20 | 640897.exe | exe | 168812f3a6316d7d2db78924d0f0019d8700d4fd8f672f0ff0ca9e296b1dee18 | Virustotal results 23.19% |
2018-09-20 | 61867.exe | exe | 39e8d93e086a2e29401f1d7d6747742bee362d9600de7f69ff7cfd72509bea48 | Virustotal results 17.65% | Heodo
2018-09-20 | 96.exe | exe | 98f66f74344f65bcfe59e888252dd9327b6e01a81efd8bb909c621cd76ea0476 | Virustotal results 22.06% |
2018-09-19 | 48277.exe | exe | 029de5e7deebe8707f7a92be27ae1465937ec72051220da7ebbc93a57ff38f26 | Virustotal results 8.82% |
2018-09-19 | 43255.exe | exe | 9a0c828e2ee630e8accf5738d4d1a737a5f197c3fba22b19c1e515ef1c5b21bc | Virustotal results 23.88% | Heodo
2018-09-19 | 89135982.exe | exe | ed7e59bc55cf7df40d04d8bbe1e2fe57b6dc954865fbf2f670f1208c60150194 | Virustotal results 17.91% | Heodo
2018-09-19 | 4612.exe | exe | e14207ab1395815655013684cefcde46edc39a78196bdc9d280d770eb62ff9e9 | Virustotal results 7.35% | Heodo