URLhaus Database

You are currently viewing the URLhaus database entry for http://hhind.co.kr/intra/gmcs.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:120648
URL: http://hhind.co.kr/intra/gmcs.exe
URL Status:flame Online
Host: hhind.co.kr
Date added:2019-02-09 12:23:14 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Abused domain (malware) link
SURBL:Not listed
Reporter:@zbetcheckin
Abuse complaint sent (?): Yes (2019-02-09 12:24:03 UTC to ip-adm{at}skbroadband[dot]com)
Tags:exe

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2019-10-14n/aexe 6e4f2ee760e6b77fa57657567f16cc8a7efccdabd85620e195a40d785af18539n/a
2019-09-18n/aexe d1ae30b8f0589c9013eee636e63810adcbab6701b1aa6288dcb386a556bd15b4n/a
2019-09-18n/aexe b40c2bb64cce3262dcd3ccd5bf7750158139fb5bb23c69c045e534e24ad21655n/a
2019-09-11n/aexe 99a339b79a555b3a3762fdd5e86984150c3d052bdf8d6cad621970e291188c1cn/a
2019-09-11n/aexe 87196539a1da57fb3787d21d459bbfc2c029bdbfa577338ee1b5b5aa7f477ff8n/a
2019-03-14n/aexe a42f57bc6cfeec4b616d423ab3bd7d3d061197182d6ce5deeaaa034ffa246b12n/a
2019-03-11n/aexe d54ab8c1207c9a4f40c5243256be152deb59ae2d5547198185f1ef76a545d4f3n/a
2019-03-05n/aexe 8a80aa96f96ea28b12bdc409d2f2e1f6176da9115f30bab10c07f10366280146n/a
2019-02-09n/aexe 7a7298e5d6bea4203ee6673084b24db96701b2db20decbb84272152f26b1157bVirustotal results 49.28%