URLhaus Database

You are currently viewing the URLhaus database entry for http://stdyrmtcntlenverpsfd.dns.army/documenrt/winlog.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:1053976
URL: http://stdyrmtcntlenverpsfd.dns.army/documenrt/winlog.exe
URL Status:Offline
Host: stdyrmtcntlenverpsfd.dns.army
Date added:2021-03-08 07:37:06 UTC
Last online:2021-03-10 11:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: abuse_ch
Abuse complaint sent (?): Yes (2021-03-08 07:38:27 UTC to abuse{at}vnn[dot]vn,abuse{at}vdc[dot]com[dot]vn)
Takedown time:2 days, 3 hours, 26 minutes Poor (down since 2021-03-10 11:04:32 UTC)
Tags:exe Formbook link opendir

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2021-03-10n/aexe b8ae844621bf21969ca7070937f91101ca4f7277917979ad9d4a4ac43d6e5fadn/aFormbook
2021-03-10n/aexe 328347fb76bfbe6c93cb671972c70bcf298de581d33df0f13999c338225cddbdn/aFormbook
2021-03-10n/aexe 3d3095586bf72d6b631e44681654c68707a6f07987b02e367e7d88ac9ddab77cn/aFormbook
2021-03-10n/aexe c935e13396041731908b9fbb5c4e74c38b9f374eb9a47d419038ac539008c94cn/aFormbook
2021-03-10n/aexe a429373a65c453931ad3cf7fcc897520d2ac11da688577e0dee6f4d36e7cc030n/aFormbook
2021-03-09n/aexe b2697b1c939e346a4adcf8ed2cb4a0e493f2390a54a0457c95fea5485c2fa19bn/aFormbook
2021-03-09n/aexe 6a779c7bb81770cc34c733e0da1afb48d3ee0d4aa1e81b4c5776b2b6405c864cn/aFormbook
2021-03-08n/aexe 48b5f73b85cc94914ad9190896b29a400558a8a4a50e67132f7988e11532b5fcn/aFormbook
2021-03-08n/aexe 1eaac3194b53e9523347d6d8392bb9ac437437217b530f2c61a270459c7da06en/aFormbook
2021-03-08n/aexe c58abe9cc2eda9f80841417a5e8dd7c75416cf0183a6fda6b616a2c312450ab5Virustotal results 28.17%Formbook