URLhaus Database

You are currently viewing the URLhaus database entry for http://castlestudios.com/bots/7/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	599321
URL:	http://castlestudios.com/bots/7/
URL Status:	Offline
Host:	castlestudios.com
Date added:	2020-09-22 18:34:17 UTC
Last online:	2020-09-23 15:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-09-22 18:36:30 UTC to abuse{at}inmotionhosting[dot]com)
Takedown time:	20 hours, 27 minutes (down since 2020-09-23 15:04:13 UTC)
Tags:	emotet epoch1 exe heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-23	IwFVY.exe	exe	e7831b03ce95b3c6ee794a8e5e867fac44a03717b0ffc518d58b5f0653f6b90b	n/a	Heodo
2020-09-23	O7bQ.exe	exe	7e6cb566863541a0105e0b6d3b6dfbd0fa9672c2968c2e52cae4f47ff95fb35c	n/a	Heodo
2020-09-23	TM8N.exe	exe	192b2fb255ab7702c1a16b572ef84c54cee64bb1e868a04ed092cf14c9bce163	n/a	Heodo
2020-09-23	yq8w6i.exe	exe	7e0b5175f8dc10a75f1295449eb47c0a66ef9c714b353e41a2b696af380eb368	n/a	Heodo
2020-09-23	ChY3Mup50TVHs3H.exe	exe	a947b9660dd071bed527ea570cb93c6406b933267e115da8976667b6906d553e	n/a	Heodo
2020-09-23	J9CAveXshDOE.exe	exe	fc0bc2ef648f11c69663f045107eb928bbaad06b6aa840b0b376fb9204694edf	n/a	Heodo
2020-09-23	H1RXspRJfRb5SXiCbgsz.exe	exe	52614bbc26d3e0928895d52212e8c38bc927113ffb264eb75bcf605c01e064e8	n/a	Heodo
2020-09-23	QtT1VTGzGH65bemJ6Cv6A.exe	exe	b09a557413c664f931a7cf6097e361d27daed557290bc8145152c1f8ef046e41	n/a	Heodo
2020-09-23	8BzD.exe	exe	b488a60a23650770364805c7615ccac393abf5af441786ef84aa083b2e20909b	n/a	Heodo
2020-09-23	dKiWJenyOy00.exe	exe	4b1933390c7dab97352a92144535c1b56a1397b3f7d447e4df065624e358bd8f	n/a	Heodo
2020-09-23	hFCrIxDkxRWeo.exe	exe	67a80fb2f3e4422739c31324cc5b40b34ac4bfa5b72eed37e3c3bc2cd4c131a2	n/a	Heodo
2020-09-23	7cY0bG.exe	exe	422a94faccbdf52de54c3689563da4ac5523eb2cde80acc8d5d9e091b67d5981	n/a	Heodo
2020-09-23	v4YQj1L9f3WC.exe	exe	2bdaee9cd4a594487477d383988601b1b6d70f5ae1f530144675c4b46acfee96	n/a	Heodo
2020-09-23	KyMJeB2cZECZKhYATMzgI.exe	exe	c106d88ddebfbeee3d44f7ef0d0c9c17c2f9fb165909c4275b0e04479732e593	n/a	Heodo
2020-09-23	ONPy.exe	exe	89a1a3d6ebbcd0f1afa97cb66635269f8a08a1ab500b33cd77f2f1d5890c5863	n/a	Heodo
2020-09-23	zYx.exe	exe	75783785c0f45a353833b995a08c62252f69260f2ea162c4ac497c94ec98c589	n/a	Heodo
2020-09-23	XNqV.exe	exe	94e3b630feb23c7dde4cceb5d7f2e7a5ab4eed3689dd98a1e9be069dcd26847a	n/a	Heodo
2020-09-23	LrDqED3VFOc0jEGhR.exe	exe	a6ecf81d6cf3f65bbb7548d461989160074c5c3761bcab5ade57e0fa3e5bec82	n/a	Heodo
2020-09-23	DdNxwe3.exe	exe	0684a41bef2e7f13d1c7bd3a15fed2cd4e77ffb70d6285cc360eeb017445f052	15.71%	Heodo
2020-09-23	iION9gxuGGjcXq.exe	exe	1b9ad6189d3658dff640548223262076d1607591f096470c9cb0e800cd074bc1	n/a	Heodo
2020-09-23	SED5DAR1ailJehU3IxcYu.exe	exe	b193bf8c9c8304dbfc5020f07162ced5ff4324dd66e247b42b886b3f3a210d9e	n/a	Heodo
2020-09-23	aKKN7.exe	exe	6a3dfb33268121b88ad0e670d7adaf9282c07ed5d7dde09b8b156e7faa91b1fa	n/a	Heodo
2020-09-22	D5zZ3ZDgxf5lkhbO.exe	exe	da73cc0329e5b4d4e20f96370079b116b2d15d727bfc4f535ab9d82acc35bf53	n/a	Heodo
2020-09-22	lAiTtZAPUFxc8.exe	exe	02e631282140c23e9dd04457b7cf2f8c9129677323c66f26a28199fb34b6de30	15.49%	Heodo
2020-09-22	DHmE3Q7.exe	exe	6cec9640e976bc3dc43e3cf5d8d7775a69038d290b7a8ca15027b251d76eccc1	n/a	Heodo
2020-09-22	Wh3McN3xP5a.exe	exe	13cd4c496cbc1026e2d15d991dc8ee3b878b164f5abaed0274b9ea766bb4517c	n/a	Heodo
2020-09-22	253EdApOJTtHC5x3mL.exe	exe	8bc21e1e6e24ebcfcc20f25962ce2e38f492ea05af4a405687175b22aa1398fc	n/a	Heodo
2020-09-22	idQ5M7o.exe	exe	46ea3d7b8b91cc00467fea86f3b5db5588effcb9e0eec31400e5ba3d1f4d2d7d	n/a	Heodo
2020-09-22	00Itkv601pQKUQbpQ.exe	exe	e90030fd31015f6192bad3895a854506283740611dca37ec84432de7ab8323ec	n/a	Heodo
2020-09-22	TvyFVYc5fej.exe	exe	998302ca07067e9eb4d993a81e72c650060cb77aaa561e28d69b76cfe6396462	n/a	Heodo
2020-09-22	diU8zAbg9dw1K6SV70.exe	exe	19af825fa6b90ff9778b57b3c85ea4631e9e482c8e5d091266b819464fe70c55	n/a	Heodo
2020-09-22	ZF4SeZay3oB7U.exe	exe	39854bf2912e798d0dd60b33ac043f009b6e7527e670c3de346da20b994eb95f	n/a	Heodo
2020-09-22	RRKaUlZrqVz.exe	exe	096f321d1430186c53f4e661b3df2d0fb96d2ac6406009d9156a9fbf3fd8afd3	n/a	Heodo
2020-09-22	kkDfVft8gCUfsTi.exe	exe	37cce5263e1c3779719257a9f35c07da1dccbf0b70c6df5741c1c41ca163ca9d	14.08%	Heodo
2020-09-22	TA0n9PqwWIxxM.exe	exe	c876b2794f9d02d228faf33d99d91e846b0172663d36a980677df07825c173dd	15.71%	Heodo
2020-09-22	zZB.exe	exe	5aff08ce448f7f1bb648a1f5005fbbf07fdc16b148391baa570dbfc6001b83d7	15.49%	Heodo
2020-09-22	UMc7ovD9ifaqOqpYWcIE.exe	exe	ea616b47db2d9d84368d791e2f0443f13cf654ddb7693a7551a3083f1be1fb00	n/a	Heodo
2020-09-22	bCYz22eomq2RKl.exe	exe	4ed1943fa222e20bd51d5dfd9e712488480f729b8c3795894039aa705cfe3bb9	n/a	Heodo