URLhaus Database

You are currently viewing the URLhaus database entry for http://www.wndz.hk/message/rys/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	757610
URL:	http://www.wndz.hk/message/rys/
URL Status:	Offline
Host:	www.wndz.hk
Date added:	2020-10-27 18:48:08 UTC
Last online:	2020-11-02 04:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-10-27 18:50:46 UTC to abuse{at}tencent[dot]com,abuse{at}qq[dot]com,jsquare{at}tencent[dot]com,dreamsruan{at}tencent[dot]com)
Takedown time:	5 days, 9 hours, 16 minutes (down since 2020-11-02 04:07:28 UTC)
Tags:	emotet epoch3 exe heodo Trickbot

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-10-29	MmNQKYFFc2T.exe	exe	db29310c66c6ebbe34e91f0654d7e6b4ef3981dba8ca4aa00e9f1641588e5bc3	n/a	Heodo
2020-10-29	UC.exe	exe	709ace820857e184f0200ea933857bcb621124bc8da0088e996a2129f5c7b67c	n/a	Heodo
2020-10-29	dAK8fuP4MAXMnWgnu49X.exe	exe	fcc9b6aed33e6ef5573d008fd32d934c164ae4dd93ecf07907890b94a54498d4	n/a	Heodo
2020-10-29	UATQj78wDxAxctohm.exe	exe	d9bc2877a8cc6aef53624d0e76d7f1bc0d5e41e428e5fd8143b6b912e5bef975	n/a	Heodo
2020-10-29	vxVs8yNoQq.exe	exe	c04477687044252f659376f396c8667524422c51d64614b8df89d5c61655ebeb	n/a	Heodo
2020-10-29	TWqCbnzR.exe	exe	2371e68187a5087e37b1f62f8a3fe224a2dff29758ce9b910c212cabab46b4b0	n/a	Heodo
2020-10-29	lX1H70jm4KB4u.exe	exe	d47de7d23b111267f8f57b260ad7678c91cd8d84c5defe6044a95bccb198899c	n/a	Heodo
2020-10-29	0ED95oEdYPIXORMGm9sD.exe	exe	f7198ed85d993b7496c3300949362205f592cbc57d1afb4756a0d26169898141	n/a	Heodo
2020-10-29	7.exe	exe	4b02f4749a718348e3e6584f3b2b85ce8d74eaa343c231e92dc3fea35755331a	20.00%	Heodo
2020-10-29	n.exe	exe	099ece99b2af3890acc56f4c8cb006aed103562406f1c54849b996b24781b892	n/a	Heodo
2020-10-29	wHPj.exe	exe	d742c1b71caea724e8752ac305dfaac3349fcc72e29a1be28d3ea47032866a00	n/a	Heodo
2020-10-29	9Tly3.exe	exe	638351c668c308a14ad712bd84bc13875491dd40b6ee096741fcffdb4ae74956	n/a	Heodo
2020-10-29	ZBDMOp1uur2z.exe	exe	c14cc7cda30a852cf9f4d1e1dc56bb8ef18c6dcb2b31515caca8f6b2b47ae362	n/a	Heodo
2020-10-29	VHNGhaPYw.exe	exe	d3c6c3f53a9d487c852caa51fe9c5e21d1c3b9c9d0dba16e62ab7304243bf367	n/a	Heodo
2020-10-29	gD8PWV74mWDJe.exe	exe	a4ffef40974cb4f656862349b5d6ad6a2eafe749937f66b0bb9e2a0cd5040a01	n/a	Heodo
2020-10-29	yjSyB2.exe	exe	3b6e5bc1838d28f83d14eea2f815d9369d88462e258366b43c40f106df371c5e	n/a	Heodo
2020-10-29	KQcsd06EEci7LF.exe	exe	34bcdf170ab5e3d70995712cf1f41c49c7e3f732248221b81522ee30c93ee1ec	n/a	Heodo
2020-10-29	8Dp0PWLmSeigsN0XN.exe	exe	2ba646118941e63eb9545d9bef89a2bf11a682d909e195daa35d89d19d648ee3	n/a	Heodo
2020-10-29	7D1uWM6ZvVSN0UOLZkh.exe	exe	fd55d3615333eb63db37487363e31f4528020f801f5a51a87a45cb260700270c	22.54%	Heodo
2020-10-28	yizFelM5A.exe	exe	9331d84f36907b0b8c948b0326716b88fa113d3782ed2858a3485491e4a5c13b	n/a	Heodo
2020-10-28	MMGn.exe	exe	5ecf073f928f176a5b43d1f5630b6788c0c0350dd734828ea64df285f963169e	n/a	Heodo
2020-10-28	vBIKarTV8E.exe	exe	07c087e091ef64852137b38353e608bb5ba52552b3d265a3f12c1a2de64830b8	n/a	Heodo
2020-10-28	9GZ.exe	exe	85a8f2561935fee753eaec5785829d0b1d6102ec80a392ea7ab62a1d4bd9fb43	21.13%	Heodo
2020-10-28	ItIOdEpaWaehbFivvZ7E.exe	exe	d1d381989098ddc05bc95a46d2cf1759f3edeede2dbf86e1228ed29ab9b056ce	n/a	Heodo
2020-10-28	24buOD8eqZP.exe	exe	453e0029a94dd6306f18a492af3c6f99d2f941039c930c12f98f64c1ea9ccdf5	n/a	Heodo
2020-10-28	LE.exe	exe	fccf8c11cce2c2a0fa9c5e01d43d5bb302d1b20aae326fe79cdbd904a66f5de5	n/a	Heodo
2020-10-28	pOYXYhnT9fQnTYU1pQv.exe	exe	ba145768df8194c21a5a72958f18bbc23542c232dcf7d3d3ecc29e9ff3116a35	n/a	Heodo
2020-10-28	yEqskk.exe	exe	1d5d10930f7c9e8eb520768e23dc5381e888f885c0c59ee4184a787db4be70ae	21.74%	Heodo
2020-10-28	JRHCsFd.exe	exe	df4bd666fcf2fe7dd38fbe2dbef2a4c1a6e2bfdc3fcc224164b0cc98a9c6c4c6	25.00%	Heodo
2020-10-28	I8Xc2jPnsCey.exe	exe	3626ae99f22a37bbed0730a6d6ef93a5ed17233caa52aff452338e0726864120	n/a	Heodo
2020-10-28	8OutW5N640tUmpcte.exe	exe	6331d543230583fef514160a084913a0750f2436ababebceecc79c599019b445	n/a	Heodo
2020-10-28	AUobVC6zmiXuaKTFXSxs.exe	exe	1b9c1bcdca26c00f4a4cf19c6278bc7b37bcc95b8db8f6d6b1b9f771a95df970	n/a	Heodo
2020-10-28	pxsCy2K.exe	exe	55ab767901aeb567a82cd7cdc06b41ee28672b97e880d23c222cff821578f93a	n/a	Heodo
2020-10-28	wScGqucOXk.exe	exe	e5a1f6694c4ad2259f2dba1f8584a5373cebe9ac85f1a7d6ff0515ee86204d4d	n/a	Heodo
2020-10-28	uQWHOMlW.exe	exe	af466b9141077c08dc8da9fcfd0d8f6b85f51e1fcd1935cbdd2047a71e36ed81	n/a	Heodo
2020-10-28	MSBunFu6XWDThGr.exe	exe	dc69905ec5046522a3251cd2c5a132a4d24993b347725f611117150cf74b2cf4	n/a	Heodo
2020-10-28	lMgcGmtOLrf1x.exe	exe	621336b419f548be6925fbbd4556d0eb26723d5b28c41c35810230aa42b82e7b	n/a	Heodo
2020-10-28	LR9t.exe	exe	bca997f9a0951473cb986afc638f2c29ad42466d12ee8f4c259b9bf2ce83afe6	n/a	Heodo
2020-10-28	C4XnCS.exe	exe	61b4dd1a44d6cc3096c217b43503f2fc2d3b141c6df1bcb6e14d27659a2e00f5	n/a	Heodo
2020-10-28	IdriD0a3clYDvfw.exe	exe	cf02cebd26a557cafd8058eb5edbeb0e26171ad0d0a53beb94f4f9e586ea51b7	n/a	Heodo
2020-10-28	meBH9rERJ.exe	exe	58d4e25a5f9beebd39589b7d09c8e232c4bcd06f00d008e675ef6544c9921f63	n/a	Heodo
2020-10-28	snir.exe	exe	a4c262cbfe3b0c00a9e56d214bcc68c726a3817bcc2364af0a3e3fd260f835a1	n/a	Heodo
2020-10-28	iC.exe	exe	0c512364ebd02ae062d695e43b232306dc249fdc43e3c460a3d5aee9f476c2f3	n/a	Heodo
2020-10-28	r9SS55RHHwcbd.exe	exe	72f7a8844c6634e6debff217fa8be407ab614108c807da893e204c5f67dd5f38	n/a	Heodo
2020-10-28	ZRFoQG9YFh.exe	exe	d421d3045285c148ac2eb152e1461e0df1cc3f34cce0d337e54fadd1e4caa03e	n/a	Heodo
2020-10-28	jcIqKzzherU.exe	exe	914ec3ad824dd346ea348787ca34224bbd8fceb77dacf2267cce70e72ee3149f	n/a	Heodo
2020-10-28	Kqj1IrrdXv.exe	exe	404998faac798a7726c501277af6fa062db81412160c1bf1c1f7b8609e101bad	n/a	TrickBot
2020-10-28	wXb52tiTbqdFk28devrU.exe	exe	b5759c84851ce0e83331e65573059fe41583f13b55358fc689100e334d3863ec	n/a	Heodo
2020-10-28	zwfpJvpPTURyEZ.exe	exe	408c2a30dde02987131d8acd58c4323961f5e07cf1396f2e19a0aebf054d62ac	n/a	Heodo
2020-10-28	sehfff0K4W.exe	exe	a1d1eff99eccbe8acd665a4cbee1552e31e75289991360396d0f1c58edea212e	n/a	Heodo
2020-10-28	ffLw.exe	exe	b5202e840608304b1513ff9f8d41aaca363df7db447f20a66071a8bbd2cca6cd	n/a	Heodo
2020-10-28	GX75jFNzkdQsIy.exe	exe	6301de60fa383c005dd1ce19e2de67139b817e1583e22cb1e567fcb175f411c3	n/a	Heodo
2020-10-28	sOT.exe	exe	84a76e690e19eb5f8f62161176f4d2650144369f1bf1d41024e4205575329c81	n/a	Heodo
2020-10-28	PIB4.exe	exe	cc2c3e1b93691b8a3f9da07d70de065e10aa81684783ddf295c85ef11d8360eb	n/a	Heodo
2020-10-28	TLcYdQGaj5k1rtkHcC.exe	exe	a982d163cdbf8e38471c4676fd1a9a2570e6e3265e015844e30b3f7f3090751a	n/a	Heodo
2020-10-28	G.exe	exe	e8b07e6d2a7325bfde4740f362e5525bb98a03fb69b455a05ca8b95e9a976293	n/a	Heodo
2020-10-28	kRB2v3neZDO.exe	exe	b10c1e727f057f026a04fa3a36e97de78c521786517459050de4ee22ddf83bbe	n/a	Heodo
2020-10-28	fqIys.exe	exe	52ec765abe0b231c92d15df29b13bfaf2ded183d4f2ba51058e9d4bb787132bf	n/a	Heodo
2020-10-28	qp9z5qeUmxks.exe	exe	f75c75e2db1802b8bc95c0fe7f64a16f2b558d3da697c54b0e3ede3f55467dba	n/a	Heodo
2020-10-28	QL6wdYLAj.exe	exe	72f2e57b3ce0da1392e3bbbdc298bd488c1d11ced9801459dd133800a0c43b6f	n/a	Heodo
2020-10-28	oR.exe	exe	1c08754bcba08f4f0aea0500f41321ec44159653a038c6957ae35e8421b43916	n/a	Heodo
2020-10-28	21q4bm.exe	exe	d92c747d77639d4be11656badd3dcce093095745ec1080b9a49a1ed79e99abd3	n/a	Heodo
2020-10-28	NF4.exe	exe	dd0a44398cf628d4010ec37754dbd65d48229e5625ee0cda9074e162c8c16cb6	n/a	Heodo
2020-10-28	A6hkx2NDcp.exe	exe	4a713447c1ebc13b2024ccf8e5df87fec8ea5e71581fa45a6342832481e49566	n/a	Heodo
2020-10-28	a5t.exe	exe	314d4cc5368e245c38fe889d6acc4a9518f849694929f5aa20f67f2b2f64ccaf	n/a	Heodo
2020-10-28	orTrUXQoK.exe	exe	9d9b23eb8120ce82767c6029946479a1fd6bafa99edc3c611adfb6242807d2e4	n/a	Heodo
2020-10-28	I6uaoFLsv18gA2rYJq2.exe	exe	6866a3c2340e2c9fa1c7174a79d7f94f46a0a94d4dfb53640e6763c4cebca55d	n/a	Heodo
2020-10-28	ytgu.exe	exe	1f2d8111133a36e027d6725ad479d71780f3e8b8257c5b9b721bcd1788d6fa6a	n/a	Heodo
2020-10-28	64zxDT.exe	exe	354557403332d234c01ade5aa00b2448adedc820ae238a8816787e45fe0505ca	n/a	Heodo
2020-10-28	IHNnfD027k3ZhF.exe	exe	351455801c7d6bf2f452e783f61723aea135436c1f9f2482644dab7a3c3e5035	n/a	Heodo
2020-10-28	2mNMQEnXQ2u2OMMzyo94.exe	exe	20b08301b8021b0b84f00528ed0c321c9bbbd1731bbfdb9849870bafcb682d33	n/a	Heodo
2020-10-28	jo4o.exe	exe	1882cc7dff7cd4c2c0e07190e0c25e8df186403c44886528cbd6c320164e7c0c	n/a	Heodo
2020-10-28	JGmAWiLzqK8r7uuMTBnV.exe	exe	8868a9c5a9deb357d4f20ab287cb9ff8b73798143bdbea8a0cfea1f6546677e0	n/a	Heodo
2020-10-28	GH4KLVoBIVBq.exe	exe	222f6a6cfe0760d3315c09768bbcaf4526a3002f0123e43a74e16a0c5e3c2edc	n/a	Heodo
2020-10-28	u6D.exe	exe	bf2c3125fa9523b9c3aa50c48cb8730b23f1606183d435953350cdea02de8ec1	n/a	Heodo
2020-10-28	iqDvWtYnQPQo9y8LypmH.exe	exe	5259397f94b5e233b7731ea4344931f53aa2f7830675f54c0711ca34542ce3c3	n/a	Heodo
2020-10-28	xS2eq.exe	exe	fee0b5b52d613f4b9af9c550143ecb99221ae60ea578b8c5578a0782956b3cdf	n/a	Heodo
2020-10-28	aH5DtZsrE.exe	exe	ac6bda3405d6358f6decb32bc7eea9965df7e634117cc92ea0273a246c3a786f	n/a	Heodo
2020-10-28	U0ZF.exe	exe	ad62ef13984d1c4e77be6735693e62b407fc4bad9cc020f6550bf6f416f1c4d2	16.39%	Heodo
2020-10-28	nDq7iWiefu61AO.exe	exe	c9500663c9bef18913a50e2424cc369ee5ddff4532ee20646d9739b2fd0ffde3	n/a	Heodo
2020-10-28	F2AdvjCDqgR4P.exe	exe	47fe77cf5088841f923333a2b6dd3c0d5b45b40c3265de26907c665108918e1a	n/a	Heodo
2020-10-28	Q3583ma.exe	exe	6457f28c106a129f671e5a65a6b5bc6b61e1c316aa881b8f40fd4c9b3804782b	n/a	Heodo
2020-10-28	JZ2JTy9jalyd.exe	exe	0e1cd963f966e89b767c7c429b3605028de503dfdfac45d09be018d21c6183d9	n/a	Heodo
2020-10-28	wwVZxhC9zZXp1XFv.exe	exe	8690b5bc6a6bd4489859df76731f663cf2700cb239fbca23e3afdd46a8807ee6	n/a	Heodo
2020-10-28	CyRMBr3.exe	exe	274e6594e7a435f897468115ab2efe19d44604403600d80e0f4dc011f3c29c90	n/a	Heodo
2020-10-27	VByIqK5GrZ4moqUfA.exe	exe	582601656ea50eb858c9adab6398fa2e06d6b3c9ba5731bc0a1091b4b0bd64a0	n/a	Heodo
2020-10-27	wz8RwQ.exe	exe	d7ab83d2986a03b284634b4172ae7c06aeb1ecf0ed89eb84f2039e9f88a9cc2f	n/a	Heodo
2020-10-27	WjO93.exe	exe	268d7b2563ef5c9438b0abcc8c90223214c5bafc848b8cb1560385971395a7bb	n/a	Heodo
2020-10-27	tJ0CXi.exe	exe	09a69299760447548de063e877e6a443e232475e555f1fa5c35a9dadd5b00393	n/a	Heodo
2020-10-27	g.exe	exe	928d0427dff24dcb09f55f7c7d5532c3440f933c69dd37c5c777f68ef4ae7fa6	n/a	Heodo
2020-10-27	OeDDR8.exe	exe	60d49a7c427dfbbd4558b748e9681174b16e86e38ecdfd835d1049cd1a938642	n/a	Heodo
2020-10-27	rEYV3a.exe	exe	203386e058a7ab16fefabe02eb3653cbe642271e3e1aeb0f68fdaf6283c85944	n/a	Heodo
2020-10-27	bRCWOM38Ny7E.exe	exe	19e1f98e28ca4c9433f7690cec50a318d231014ae6bec7b4c0ea8582cae5c511	n/a	Heodo
2020-10-27	4gI2.exe	exe	43f0f124c7adca108efd1f5af8527967105c223206988ce4472be2b9b681520b	n/a	Heodo
2020-10-27	ugM.exe	exe	8f7fc861a42d50646cb00625134c2d01dc5ca6b7ac21e31b4d44913404273efe	n/a	Heodo
2020-10-27	fCx81GfH2DjiCiN.exe	exe	35bb5a7b4d48444e465464db071b1e23edebba96abfdaac04a8a4e5a5299851b	n/a	Heodo
2020-10-27	8ZcP600mFTmycdQ2.exe	exe	768c3cc4f77918a031f71ca344ed8afebb6f32a6cc81129b9a2d6a17e83cead7	n/a	Heodo
2020-10-27	wkHu1EOo.exe	exe	6d8afb2247643b210af7096ad88614e742466b8c120e443a556c0d9769ccce77	n/a	Heodo
2020-10-27	X5plOf5lcRhDMfzy3.exe	exe	97f80520e40db46908c20961a5d35dfe1c851a29e3371d8b9de8a38b98b35492	n/a	Heodo
2020-10-27	d7JC.exe	exe	52a490d8802cd4a347f63715adfb0cb8badd3c478ad76e11bf8bd4744449622c	n/a	Heodo
2020-10-27	HfVDlOwmiNIR5TBrZ.exe	exe	65393f425f422e1502d0f438ce1b6a14039455f0bb27d5c99724a510ec7a6449	n/a	Heodo
2020-10-27	QCGyBpd1Z.exe	exe	ee82e3995b611e944b1abe9fb7915da23e1fd637c4340da48452de6a2efe129f	n/a	Heodo