URLhaus Database

You are currently viewing the URLhaus database entry for http://ajflex.com/cAnI4g2/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 8169
URL: http://ajflex.com/cAnI4g2/
URL Status: Offline
Host: ajflex.com
Date added: 2018-05-02 17:44:08 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @oppimaniac
Abuse complaint sent: No
Tags: emotet, exe

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
