URLhaus Database

You are currently viewing the URLhaus database entry for http://eduma2.com/ontario2.com/rfeW/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 722275
URL: http://eduma2.com/ontario2.com/rfeW/
URL Status: Offline
Host: eduma2.com
Date added: 2020-10-20 07:53:09 UTC
Last online: 2020-10-20 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-20 07:54:04 UTC to eig-abuse{at}endurance[dot]com)
Takedown time: 13 hours, 38 minutes, Good (down since 2020-10-20 21:32:18 UTC)
Tags: emotet, epoch2, exe, heodo, Trickbot

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
