URLhaus Database

You are currently viewing the URLhaus database entry for http://sabkezendegi.ir/images/lisb.jpg which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 102060
URL: http://sabkezendegi.ir/images/lisb.jpg
URL Status: Offline
Host: sabkezendegi.ir
Date added: 2019-01-08 19:34:05 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Quad9: Not blocked
AdGuard: Blocked
Reporter: @zbetcheckin
Abuse complaint sent: Yes (2019-01-08 19:36:01 UTC to arash_mpc{at}parsun[dot]com)
Takedown time: 1 month, 0 days, 14 hours, 30 minutes, Bad (down since 2019-02-08 10:06:58 UTC)
Tags: exe, Smoke Loader

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
