URLhaus Database

You are currently viewing the URLhaus database entry for http://it-eg.com/MG/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 93562
URL: http://it-eg.com/MG/
URL Status: Offline
Host: it-eg.com
Date added: 2018-12-12 13:10:07 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @Cryptolaemus1
Abuse complaint sent: Yes (2018-12-12 13:12:01 UTC to abusencc{at}interserver[dot]net)
Takedown time: 23 hours, 17 minutes (Good)
Tags: emotet epoch2 exe heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
