URLhaus Database

You are currently viewing the URLhaus database entry for http://www.xn--12clak1l9a8b4c5cvdd.com/update.php which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:10039
URL:http://www.xn--12clak1l9a8b4c5cvdd.com/update.php
URL Status:Offline
Host:www.ช่างงูเหล็ก.com
Date added:2018-05-15 08:36:34 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@JAMESWT_MHT
Abuse complaint sent (?):No
Tags:GandCrab Ransomware Ransomware.GandCrab

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2018-05-17n/aunknowne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855Virustotal results 0 / 57 (0.00)
2018-05-171.pdfexe70b2ad601664d79c07d96071f16e07aa637b380554fe5ff131e0b739bc68f82fVirustotal results 25 / 66 (37.88)Ransomware.GandCrab
2018-05-161.pdfexed2f851fd60e85be31a5c5015c1cab7021941a09dd274682124d85abaff49f641Virustotal results 22 / 64 (34.38)Ransomware.GandCrab
2018-05-161.pdfexe1350d7e63c71391b1315ccd5e6d64fd47b05a4b0daffc26d25482340b645ad84Virustotal results 22 / 66 (33.33)Ransomware.GandCrab
2018-05-161.pdfexee804fe8fe0573df48218d70c19e21145d504da5ed3e3e6100442e3b52996c3b5Virustotal results 21 / 66 (31.82)Ransomware.GandCrab
2018-05-161.pdfexe4dfe18b3f86e0435ac138845e74b63243d58ff9dc4210cc1d80e9508318fc6ccVirustotal results 23 / 66 (34.85)Ransomware.GandCrab
2018-05-161.pdfexefe26b3e32dd87960bb9b6081e49f618fe85b0a9593cc755a086284f2156d5b3bVirustotal results 24 / 66 (36.36)Ransomware.GandCrab
2018-05-151.pdfexed226e3be990a8ca772b121630200c24dca3bf19bbe5bcd4bc17ed2e9b34955edn/aRansomware.GandCrab
2018-05-151.pdfexea42057415aafb008dbde0367994084f98a23ac79d4429f580c4ec7f92774ac4eVirustotal results 15 / 66 (22.73)Ransomware.GandCrab