URLhaus Database

You are currently viewing the URLhaus database entry for http://18.184.225.160/win/marorg.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1050068
URL: http://18.184.225.160/win/marorg.exe
URL Status: Offline
Host: 18.184.225.160
Date added: 2021-03-06 07:08:05 UTC
Last online: 2021-03-10 11:XX:XX UTC
Threat: Malware download
Reporter: zbetcheckin
Abuse complaint sent: Yes (2021-03-06 07:10:03 UTC to abuse{at}amazonaws[dot]com)
Takedown time: 4 days, 4 hours, 46 minutes (Bad; down since 2021-03-10 11:56:51 UTC)
Tags: AgentTesla, link, exe

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
