URLhaus Database

You are currently viewing the URLhaus database entry for http://blog.gadzoom.net/wp-includes/g0/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	716849
URL:	http://blog.gadzoom.net/wp-includes/g0/
URL Status:	Offline
Host:	blog.gadzoom.net
Date added:	2020-10-19 09:28:06 UTC
Last online:	2020-10-19 16:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-10-19 09:30:21 UTC to abuse{at}amazonaws[dot]com)
Takedown time:	6 hours, 43 minutes (down since 2020-10-19 16:13:58 UTC)
Tags:	emotet epoch1 exe heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-10-19	SN9dcpjJFwe1g.exe	exe	7f7d7c5e5944d16149ba1e6e47c0b9057da9e5fc38e67782171dcc1578588a18	n/a	Heodo
2020-10-19	XUZreLlrcw2VJjN.exe	exe	6b71adbf0b442cee29706ecd791b9957d777a8fe2a8c343e3726266ab139708d	n/a	Heodo
2020-10-19	SqTkoree1E9J.exe	exe	dfbb4f9e0a6b9bb1bfe82c2a33430f6292fd53e47864b89d9d56524cf2e5af07	n/a	Heodo
2020-10-19	VscaaXWPeHI9i3.exe	exe	4402de5a608a381f4fb3145418d43fbef8c30660189bf3fe05d3054e34ded7b4	n/a	Heodo
2020-10-19	hj6jw.exe	exe	aabaec6754b959eb71b03d5843b5f323633c7bf5b9995e3c327ef6ed43ac801b	n/a	Heodo
2020-10-19	aq4gsP3cc5Wh.exe	exe	58a99a9c0458043487ef12b8944a672bd0abd56b7efafe6674afa75f7f6b9123	n/a	Heodo
2020-10-19	lc88g.exe	exe	19c7834005f8b52ad8592b0e6b7a6fb375357f12e2b11ddfb6e9132e80ad609f	n/a	Heodo
2020-10-19	vvb61f0R5P330oBeQO.exe	exe	e2d85b9d5e177590528bf2ba1cb58a41b2a0ab59e4831d8b21cfa08ee0c813e3	n/a	Heodo
2020-10-19	VGAooDKdrdMoNjm.exe	exe	ef57f5bcb1779847ab0da19b80635715c00d92b0618bdfdf1458fa3bf3ab4507	n/a	Heodo
2020-10-19	qhwyzuxwtBOeCTi9.exe	exe	33ee7efb2dbddfe1e5722a450613455d5584e777c4d0a92fbb3fe11faf28d8ab	9.86%	Heodo
2020-10-19	MS9L.exe	exe	23ac2ab537c819ae4bdfa9b6aa102d2a8cab24e7f3e85f95d9032ee092e04b69	n/a	Heodo
2020-10-19	k79jp1.exe	exe	0270c3e96b59251783e2bd7cfbcbf5162c105b8e7ed5c53fbcc0911d1e5e16d8	15.71%	Heodo
2020-10-19	iCK5UUuNEGncb.exe	exe	5a7c441bb4302a5681ed19961028e4262ff5f7b450ea6035fcb9302743fcf6ab	n/a	Heodo
2020-10-19	Yi6M6drohLG9.exe	exe	9df1048cea7650959ce7a402917562515f3595aa8bdb2ae270de7a4f8904a7cf	15.71%	Heodo
2020-10-19	3JXH3K3yyt1ihxEr.exe	exe	e4400abca0c5d5c377caa8983be09efd0346f5a5527d8741ec953507a9f19978	n/a	Heodo
2020-10-19	j5QkLLsw11RPzyaf0RD.exe	exe	2470c84588a6ed9e9f99640074a315dab619c8480fb52a10a9a5aec88f097521	n/a	Heodo
2020-10-19	uJ6e7BK.exe	exe	73d9de91872adea3c1321d5954236bd263727b897eaca1648b204a91628ab36d	n/a	Heodo
2020-10-19	YXSPz3AO5GoBzCrMr.exe	exe	b36cb42f36e5bda95136b5669461c4afffb255d99ac6ecf37231a7f081eea131	n/a	Heodo
2020-10-19	ylGTB.exe	exe	47259f3079ad41e0cc40476964c17907a466a948bab88495b880c294e7e5e99d	n/a	Heodo