URLhaus Database

You are currently viewing the URLhaus database entry for http://nursefreedomsystem.com/cgi-bin/eYae/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	725509
URL:	http://nursefreedomsystem.com/cgi-bin/eYae/
URL Status:	Offline
Host:	nursefreedomsystem.com
Date added:	2020-10-20 20:55:10 UTC
Last online:	2020-10-23 09:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (Ticket DCU003024533 created on 2020-10-20 20:56:09 UTC)
Takedown time:	2 days, 12 hours, 59 minutes (down since 2020-10-23 09:55:19 UTC)
Tags:	emotet epoch2 exe heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-10-23	uAkzQGuvgXEQMj.exe	exe	30178b3c41916913be17068bb5d1f554e452affd0be39c84c76ad74abcd95299	n/a	Heodo
2020-10-21	WADINz.exe	exe	d14934086e2dfb7a1685a59f58ade8d5c92d8ef09085bfa0b8c9ce384fb7182c	n/a	Heodo
2020-10-21	ycCrmwUnGbrEkae.exe	exe	6c9055808fc02bae3c772fb2cd0faa784e7fe6159674ed6e918c73d272daac05	n/a	Heodo
2020-10-21	PacIT9hbnWbfveUMM.exe	exe	dfa4a9b2840fe1bdb8150ec6692da635bc8c3f3fb71c4ac1376de77ceb7a709c	n/a	Heodo
2020-10-21	z.exe	exe	7fd225f476ae922fb407f4e153470dc48d4acba41e96ab9a20d822eb998dddba	n/a	Heodo
2020-10-21	0RTjS.exe	exe	8a23ab9722fd3cf2b1155114d4d27543e5f244affc0c1b8ca710acfe07289b2d	n/a	Heodo
2020-10-21	PKMyEJhEXco.exe	exe	7e16a7e34ce570084b5050ee3d1e1dc2689d41f7fb0a6bfe6a43babf7ff436f7	n/a	Heodo
2020-10-21	8HMGTOVXSQ.exe	exe	c4327e956346bd2e939d59d131ecad63116a4cd22effe92f0b93522098eef29d	n/a	Heodo
2020-10-21	uRLq.exe	exe	435627f522178d96c3887cd32a2d9e4f107261be8b216f7e76170877f5f4b257	n/a	Heodo
2020-10-21	x8HPQM0s2flN.exe	exe	84febd93bd5c17466d4ec4a4c32a611be7b05d2e3addfff9d4b7cc3695e41a22	n/a	Heodo
2020-10-21	LUD.exe	exe	d996cc72457cf1f8ff6406e4c9f783dbfe124621c349dbd07141afc3b44e6e17	n/a	Heodo
2020-10-21	vp.exe	exe	73ca7966f29015beefb5a16803ca71d550bb4be11a77ce510e31df631eedfc5a	n/a	Heodo
2020-10-21	3shE6Jiy4iIiWS.exe	exe	85b5facb793936bc0376e22d303cfa81b435a83b37fbc49337c4b66435d4feaf	n/a	Heodo
2020-10-21	PeMSqqEYAM2euKl.exe	exe	b5873067447781593058ee43f2abbda2066ecb80121d9874605025ba0600e497	n/a	Heodo
2020-10-21	ifjb.exe	exe	e1bf17541405821b27a78f5102debbe707819bbf7ce591768e9a0510a3e8fed8	n/a	Heodo
2020-10-21	ydzQY8QiS7vJ.exe	exe	c085ae95c3660a958e40c619803c804fad24e7ff6f34e18b75e152e9f0e5bf4d	n/a	Heodo
2020-10-21	TnBapL4epn6.exe	exe	850e5391fa50760bc6d8141184ff0a6790819ff3d3e2b96adbd79021caebbfaa	n/a	Heodo
2020-10-21	irTZxaW58sH.exe	exe	b11417f76ec14e4235b336efc420dfdbe8fcfcd86ba3683a35b5e5b4d5520243	23.19%	Heodo
2020-10-21	hhR0.exe	exe	48c559a8f86bbf5b68b0b5841f505aeb9f36b69fe7c02087b6e7808e3b126851	n/a	Heodo
2020-10-21	r.exe	exe	67d13130651b29f829f5aaa39c0e95fa58e31a118ed6f0f78a4656bd0391f191	19.72%	Heodo
2020-10-21	ES.exe	exe	d33ca2ee281c5ebed1ed70d1fc698ff1a16aae9bda68a706a045940b5d427c6e	23.08%	Heodo
2020-10-21	6R0i8tJ.exe	exe	f257e965a8033dbd0134038fa86bed5fb0818665c0d2f407ff05a59e6f545932	n/a	Heodo
2020-10-21	gnPlSv6tbvL.exe	exe	20557df2ef9e1dc5161ee40bf966e8333ece58f779ffc2ba9b0e45364a01be8e	n/a	Heodo
2020-10-21	opn162KSsMVj3Td5T0n.exe	exe	0bf84c6e23899c174c035df3979292abe2900d7eae6331827ab3b7378f93841a	n/a	Heodo
2020-10-21	bUZy9vVPOewDKb4.exe	exe	f93a76e0b4f19257be60ba93cf7e2c7d22eec6a31493c57e893a84dc45c323f5	n/a	Heodo
2020-10-21	1X9RQyitqEtyTuaOSm.exe	exe	1880b1dc7f056d3f9f82dd48d5e73748e62c43a2821f9c453829160262795bcd	n/a	Heodo
2020-10-21	inR.exe	exe	d56c4fabab6b6d785b1117046b4044021020fdb361669d887148eeca6fb82b60	n/a	Heodo
2020-10-21	sxW7CIXErrfZe2AwCS.exe	exe	8fc20d7a7b1ce59305407792a49d3af1693b62c84adbb6f0e2d28639419abf5b	n/a	Heodo
2020-10-21	wqKrgWGcNoibhPwE.exe	exe	3b092a04562fa50dc7529ae15f1baca0ea89248523e2bb01a667a04853e1e3a7	n/a	Heodo
2020-10-21	rMNq18s.exe	exe	b7e1898a87f0cb62eb71152bfcc1a9d29794e2e289492d400a663a0ae9c0e568	n/a	Heodo
2020-10-21	HVmGamTAkNvCH8S.exe	exe	1cedf704999ba075df243fc0c173b5d47079cb34cc344803c61414d53ef5dbbe	n/a	Heodo
2020-10-21	0UbAb.exe	exe	4314012e0c800319eb7df42f3428565cd011c8f9da2bf3fb615d4cd4cfd2c93d	n/a	Heodo
2020-10-21	W.exe	exe	5794d471ada52d20e4688f666fe199ba4eb020ad3b6a79bd5a1bb53885053fa7	n/a	Heodo
2020-10-21	pHYlh0l9uVXefmzgFYrG.exe	exe	96899e8641bc406a9ca50092e670096b1dad5d3a2eaf62bab91eae3df103777b	22.03%	Heodo
2020-10-21	CyuQCrGSPQnZ.exe	exe	cd0e198b21fb7be202adba66cb079c182f914190df08be056222739fc55b3269	n/a	Heodo
2020-10-21	IVObvIPeXY.exe	exe	a48274bb9a0fe27468d9bae188fb1b2df4fab834d7107ba320bc24c33350994a	18.75%	Heodo
2020-10-21	ZN1.exe	exe	0cec0f51ec79ae6cea7e7f9804e464eb00286d69a19f76df33e3f2f16b22b00c	16.18%	Heodo
2020-10-21	olXBA1TnXEHPO5jf4KZC.exe	exe	827dd05f2e7e4568778bac78f6e478e02329c506b204bca2c487fdaa12155feb	n/a	Heodo
2020-10-21	z8P.exe	exe	e9e722f7bbe815283c93c05ed12709efe809efd3fec4b6291d4397714b7eaf0b	n/a	Heodo
2020-10-21	pu2oSNqJfp8iWU3wJDUa.exe	exe	489cb0157bebc35bf4fca28f464497290fea0709bf080b657a8b41276c3f4bc9	15.49%	Heodo
2020-10-21	45i4cm3I23ijMXRc89P.exe	exe	737fe8ecbc79fb63d64e85f7dbca5c25200ae26bfceb4bed04a990271661aa48	n/a	Heodo
2020-10-21	2mwx374WadzWu.exe	exe	e2e12e20767430407826fc72da3ff0363b266097526a9040a177c91f9b8cde81	n/a	Heodo
2020-10-21	kd7rnqd5wLZ.exe	exe	5adc31adba7c9413a65187599f7f5f38f1e385a54bdd77b5a58f9332d3aa00a1	14.08%	Heodo
2020-10-21	QZ1dgJVNaccSusRrjF.exe	exe	664aff71f5f2254c4fe014d3d39b1802b39bb243bcd7a4ac486ad00ce0135728	17.74%	Heodo
2020-10-21	BZ7UGYLVqjNwGvxv.exe	exe	6f46e33ee95faa06d24346881b7dd949d3160e02b7beaf8bb67813ebdc863352	14.75%	Heodo
2020-10-21	mwlc8ANkktzD2FN.exe	exe	d18f744507e10a68d8bacc38657975b835cfd8d66ec8b34af8dcc23a1ec6f1be	n/a	Heodo
2020-10-21	leQMVffDCNUOi.exe	exe	b5d35f249a29c5be6c706f9a7dec4fc1ec44d4c6b92dffefcf81a36f90ed9f91	12.86%	Heodo
2020-10-21	xT1WP.exe	exe	b95adc682b86b8a2551f837b6f5a3888a289c42adea870a678f92c23f61e7b80	12.68%	Heodo
2020-10-20	2.exe	exe	998bc144d9f6697c2d6004a20e703148c148c82d743c92639a11bda274561120	14.71%	Heodo
2020-10-20	KieESVkTAvnQtP.exe	exe	da6802a7c24868257e2a8b578c687a87a79b00b90b6a1b63908d8717b2362649	12.86%	Heodo
2020-10-20	k0csT7CoA.exe	exe	91dcf78a4fd6e9337da442fac155c6c14a963bee3b454f6d1690b1d0381b7d4f	n/a	Heodo
2020-10-20	dd4ffehJubUbLhI.exe	exe	9506aebc958ceefcfd18d839160f56ba0929a989c623a9c1ad051ed688c9b3c8	11.43%	Heodo
2020-10-20	SG.exe	exe	c7ee2e5ad56a3ee63eaf25afffd87550f97f1829fd856e23a405021477b69dde	11.48%	Heodo
2020-10-20	vm.exe	exe	bd4ab0040f5dc5127a901cab1d7af5f74f457679a11e5e4999d0caf902506733	n/a	Heodo
2020-10-20	ttp3h0xXcFiHGWJkaQn.exe	exe	2e723a4be7bb13856716dc89ffcee3bb4799a035e26998511a8c33f861b6450e	n/a	Heodo