URLhaus Database

You are currently viewing the URLhaus database entry for https://layagroup.net/wp-admin/5h/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 719773
URL: https://layagroup.net/wp-admin/5h/
URL Status: Offline
Host: layagroup.net
Date added: 2020-10-19 20:24:11 UTC
Last online: 2020-10-20 11:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-19 20:26:09 UTC to abuse{at}hivelocity[dot]net)
Takedown time: 15 hours, 31 minutes Good (down since 2020-10-20 11:57:41 UTC)
Tags: emotet, epoch1, exe, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
