URLhaus Database

You are currently viewing the URLhaus database entry for https://agenbolatermurah.com/ds/3003.gif, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 1099610
URL: https://agenbolatermurah.com/ds/3003.gif
URL Status: Offline
Host: agenbolatermurah.com
Date added: 2021-03-30 19:58:07 UTC
Last online: 2021-05-25 08:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2021-03-30 19:59:10 UTC to abuse{at}ovh[dot]net)
Takedown time: 1 month, 25 days, 12 hours, 52 minutes, Bad (down since 2021-05-25 08:52:03 UTC)
Tags: b-TDS, dll, IcedID, link, SilentBuilder, TR

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
