URLhaus Database

You are currently viewing the URLhaus database entry for https://www.teelekded.com/cgi-bin/LPo/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 972168
URL: https://www.teelekded.com/cgi-bin/LPo/
URL Status: Offline
Host: www.teelekded.com
Date added: 2021-01-20 09:53:04 UTC
Last online: 2021-01-20 13:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: waga_tw
Abuse complaint sent: Yes (2021-01-20 09:54:03 UTC to CloudFlare Anti-Abuse API)
Takedown time: 3 hours, 33 minutes (Good; down since 2021-01-20 13:27:43 UTC)
Tags: emotet, epoch1, exe, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
