URLhaus Database

You are currently viewing the URLhaus database entry for http://app.microgent.ru/w/nva.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1392911
URL:	http://app.microgent.ru/w/nva.exe
URL Status:	Offline
Host:	app.microgent.ru
Date added:	2021-06-23 23:38:05 UTC
Last online:	2021-09-15 22:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2021-06-23 23:39:03 UTC to CloudFlare Anti-Abuse API)
Takedown time:	2 months, 23 days, 22 hours, 26 minutes (down since 2021-09-15 22:05:58 UTC)
Tags:	32 exe QuasarRAT RedLineStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-08-14	n/a	exe	31515fe26432d74840a3aa9766db44364e2f9a06a1cd4669cd3ef9a6dbfb9e0d	n/a	QuasarRAT
2021-08-08	n/a	exe	d977d80c3735df4761faf5e37f8f4874b36d2c1d6aaa731f4e37b36c813e5754	n/a	QuasarRAT
2021-08-08	n/a	exe	d2d3f197a13bdd19a00bc0a2e1de1704f3103142d723b0a6a0ab522aa0bd4524	n/a	QuasarRAT
2021-08-07	n/a	exe	cccbae1f5f6c7792c6a54cc84fff79dbdd24f1e9b54527143316541d7375aee5	n/a	QuasarRAT
2021-08-05	n/a	exe	e5daabcee417a3138938c563a3bb420cf9817cac24ec380b7fbe00614aaa8e9a	n/a	QuasarRAT
2021-08-03	n/a	exe	c0eee6869cb1d1b6c8309151b45795b8866f7171b365dc29f7610cf385264239	n/a	QuasarRAT
2021-07-31	n/a	exe	5bebac7645d934746b66be1a84584052dda9523528a6351de60ae00a6828f7a0	n/a	RedLineStealer
2021-07-12	n/a	exe	a484efc646ba0e97435959b7f4e87cf9a716d69623b13bc490a41e140dd296b7	20.00%	QuasarRAT
2021-07-07	n/a	exe	004aa2f93dd0c4293f79b00218ff5c85fb99d15d5d6f13bdf6264011bf38dad5	n/a	QuasarRAT
2021-07-03	n/a	exe	7bfa1a2593f74120d8f9ad1cdae68a06f22c86fdcc58eb9ecb3471b500330867	n/a	QuasarRAT
2021-06-30	n/a	exe	5c627ab23daa708e73eae534919c3f6494331df0dca30ab67047e0ec65182495	n/a	QuasarRAT
2021-06-27	n/a	exe	704d41dd4ca17a0c2817c62a2377df8f07c99883a952a3b037bacef4b3114e1e	n/a	QuasarRAT
2021-06-27	n/a	exe	5aa536fddd85f56a15349992de55d422a379ba2f5ee5e16bc6311d4c6471fddb	n/a	QuasarRAT
2021-06-23	n/a	exe	7ba2419d74a5a9c7ef362bf40d0e1563bd02fd16fada16c8da39cf178c6306be	55.71%	QuasarRAT