URLhaus Database

You are currently viewing the URLhaus database entry for http://it-eg.com/MG/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 93562
URL: http://it-eg.com/MG/
URL Status: Offline
Host: it-eg.com
Date added: 2018-12-12 13:10:07 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @Cryptolaemus1
Abuse complaint sent: Yes (2018-12-12 13:12:01 UTC to abusencc{at}interserver[dot]net)
Takedown time: 23 hours, 17 minutes (Good)
Tags: emotet, epoch2, exe, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
