URLhaus Database

You are currently viewing the URLhaus database entry for http://rz70tom99.band/xap_102b-AZ1/704e.php?l=xorof9.gas, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 119409
URL: http://rz70tom99.band/xap_102b-AZ1/704e.php?l=xorof9.gas
URL Status: Offline
Host: rz70tom99.band
Date added: 2019-02-07 14:32:20 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Blacklisted
Reporter: @oppimaniac
Abuse complaint sent: Yes (2019-02-07 14:56:02 UTC to noc{at}baxet[dot]ru)
Takedown time: 8 hours, 32 minutes (Good)
Tags: exe, geofenced, Gozi, ursnif, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
