URLhaus Database

You are currently viewing the URLhaus database entry for http://oftalmovilaplana.com/wp-includes/wfKu/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 972189
URL: http://oftalmovilaplana.com/wp-includes/wfKu/
URL Status: Offline
Host: oftalmovilaplana.com
Date added: 2021-01-20 10:34:04 UTC
Last online: 2021-02-01 09:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: waga_tw
Abuse complaint sent: Yes (2021-01-20 10:36:07 UTC to abuse{at}cdmon[dot]com)
Takedown time: 11 days, 23 hours, 23 minutes; Bad (down since 2021-02-01 09:59:51 UTC)
Tags: emotet, epoch2, exe, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
