URLhaus Database

You are currently viewing the URLhaus database entry for http://dswa.1337.cx/windows.exe, which is being or has been used to serve malware. Note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 1398049
URL: http://dswa.1337.cx/windows.exe
URL Status: Offline
Host: dswa.1337.cx
Date added: 2021-06-25 14:59:07 UTC
Last online: 2021-07-14 02:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Blocked
AdGuard: Blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2021-06-25 15:00:03 UTC to abuse{at}serverion[dot]com)
Takedown time: 18 days, 11 hours, 42 minutes (Bad; down since 2021-07-14 02:43:00 UTC)
Tags: AgentTesla, LimeRAT, NanoCore, Neshta, RedLineStealer, RemcosRAT, SnakeKeylogger

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.
