URLhaus Database

You are currently viewing the URLhaus database entry for http://my-dhl-invoice.top/erufudjjsnaweq.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:13035
URL:http://my-dhl-invoice.top/erufudjjsnaweq.exe
URL Status:Offline
Host:my-dhl-invoice.top
Date added:2018-05-29 08:03:32 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@JAMESWT_MHT
Abuse complaint sent (?):No
Tags:Ransomware.GandCrab

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2018-05-30n/aexe16521db188d2f030636096ce65edb777b39b93f6dd57dc173e79ca7e9ef23f56Virustotal results 46 / 66 (69.70)Ransomware.GandCrab
2018-05-29n/aexe692e5397f336b5d895fa194d0b8130340e5e0655d3eae84588e20083d3eee29eVirustotal results 23 / 65 (35.38)
2018-05-29n/aexe3956a5a371dc2294897c479d4f86f44bf89b2cebfcee62a263f589e116ce8b7fVirustotal results 14 / 66 (21.21)Ransomware.GandCrab