URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	kkfd.ase6gasdegoo.com
Domain registrar:	Namecheap
Domain registration date:	2023-05-14 13:20:56 UTC
Abuse complaint sent to registrar:	Yes (2023-05-17 18:51:02 UTC to abuse{at}namecheap[dot]com)
Domain registry:	VeriSign Global Registry Services
Abuse complaint sent to registry:	Yes (2023-05-17 18:51:02 UTC to info{at}verisign-grs[dot]com)
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Status unknown
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-05-17 18:47:05 UTC
Total malware sites :	1
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-05-17 18:47:06	http://kkfd.ase6gasdegoo.com/m/llaa25.exe	Offline	dropped-by-PrivateLoader fabookie	andretavare5

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2023-05-22 00:47:21	11c045290ca14b3648efff47a7615c52066f3867455f009f9a729e1a26b96823	exe		Fabookie
2023-05-20 13:15:13	1b208b3d04220f495f51714c22d8580859aceb25625d1129031c89bd772626fc	exe		Fabookie
2023-05-19 12:39:41	ecb908ae939550df6ebde6b56a6ff69ed71f440ecbc6f7781a557ae314ba8e37	exe		Fabookie
2023-05-18 13:46:09	83bc67794739021b52605666b8c314917ebf38eb260b5d9e2ea44b6c250c851d	exe		Fabookie
2023-05-17 18:47:06	94e03a7ceab6adddb4e2c0ebc59705a9c6bed46472c4afb9a42bcf439e727aae	exe		Fabookie