URLhaus Database

You are currently viewing the URLhaus database entry for http://cracksmsa.ug/zxcvb.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1539152
URL:	http://cracksmsa.ug/zxcvb.exe
URL Status:	Offline
Host:	cracksmsa.ug
Date added:	2021-08-16 14:14:16 UTC
Last online:	2023-06-02 11:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2023-06-01 09:27:06 UTC to support{at}zerohost[dot]io)
Takedown time:	1 year, 10 month, 13 days, 10 hours, 47 minutes (down since 2023-06-21 01:05:10 UTC)
Tags:	32 ArkeiStealer AZORult exe RaccoonStealer RecordBreaker RemcosRAT Rhadamanthys Vidar zgRAT

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-06-15	n/a	exe	af97469272846b1111d2019f010fc7e9e8c6149777df1d09f7eaccbb031354e1	n/a
2023-06-12	n/a	exe	52bc1f7eb3b921bdd95ee2e00b42d3195d80c35c5002ade20f2df101b618715f	n/a
2023-06-12	n/a	exe	35ef5c3b4cee08c40298e6bc22320ffc48bb9e892cb1d44c0860ccfe187ed831	n/a
2023-06-01	n/a	exe	5d2e841645576d0eefcc6bcc6c0d480c0c6874f05a56e92441319a5c41b38979	68.12%	AZORult
2023-05-03	n/a	exe	83263fa7b8c560ae026a24d6ea9e6eafb16aa207cc5557c65c7f71f703f3a593	44.93%
2023-05-01	n/a	exe	e99f79618b991de5d1052096950590a4fe833b885871a96bb1202e3d6dd876a0	55.07%
2023-04-30	n/a	exe	ff277e11345c79a60de0ba45011460629487e82e8b0b58a8ddfdfeca2d7623f5	45.07%
2023-04-22	n/a	exe	0127ebf8628f963a453520b0149fc11fc5d0a56536ce2a41c9dfdd3c597a0746	23.19%	zgRAT
2023-04-18	n/a	exe	d9b498faf01b9eb598761915a6fc2fb4f1ab2317d354348baca6794730fd15d3	44.29%	Vidar
2023-04-14	n/a	exe	0cff8404e73906f3a4932e145bf57fae7a0e66a7d7952416161a5d9bb9752fd8	41.43%	Vidar
2023-04-07	n/a	exe	4130ce135fbfab00618f261a0397e88479d2f61e1ed0d09ebcde525439774f3e	n/a	AZORult
2023-03-23	n/a	exe	60289bfd6a3a67726074cccced70f113419fea3b76c00855fb7dc5fa332d3f7a	33.33%	Rhadamanthys
2023-03-16	n/a	exe	a54493e71a7f28fe61e607ba4c089ada71e13ff9e1df6cef5619a4163e2b0a1f	n/a	AZORult
2023-03-14	n/a	exe	9647f0d41ffd3a4ac705a55358906fa7c6fc7d26b5068a18bce4da9c7af0300e	n/a
2023-02-05	n/a	exe	4908e51e65bf67fdc3a559be7c47c3df1354a4a864b931cb176d282048f8d9c2	n/a	AZORult
2023-01-13	n/a	exe	8c5df030de0c79f2155a60e0d5f41889ec8d07d441279d406996dca4639f8539	32.86%	RecordBreaker
2022-12-19	n/a	exe	746669c6be1807fdafbc7ee3f1e958e1b584fa31688742bcc044d269af94b0d8	61.97%	RecordBreaker
2022-11-26	n/a	exe	9063dd7d69236cca3007587ccc04334b4289ec456f6983673f3d9f749092a29c	n/a	RecordBreaker
2022-10-28	n/a	exe	7fb0ba02228819f3f3774286d387cd02fae09fca7e6a0e456f92d1704f67e2a5	n/a
2022-10-06	n/a	exe	d4227ec9dd2159223342099e0ed7d55c0691fe677ab2fc513c149a137e50ced8	n/a	AZORult
2022-10-01	n/a	exe	9a81a9c84d36a49be8286458ce7c919538647711b28fedae9b5521762ff76030	40.00%
2022-09-16	n/a	exe	e553b05dd2afafadb6ad38d3463056e50cfa31ba3ac5489a7a114ec35ef10194	n/a	RecordBreaker
2022-08-19	n/a	exe	65020d58d04109f2e8f46d12e43aeee9e98ec182db4bd4a2b2c336978e696c06	52.11%	AZORult
2022-08-14	n/a	exe	ea34b776b896df9512f0aab37e3b0d56ff012a0906910a957db335f9e7dcf2d4	n/a	RecordBreaker
2022-07-10	n/a	exe	d75d7b0534ff648f16f5751be79a2c23158b6412a780180aec78c77c7e95071d	n/a	AZORult
2022-06-25	n/a	exe	6887d3d4d5baa135418c2305915c56b448960d03c427f6c63c430465ddaa6547	n/a	RemcosRAT
2022-06-20	n/a	exe	2ced9b36b931b73b1d325bececd01f0e4fa6bd0fff98f8b76f2f45b473311cd0	51.47%	AZORult
2021-10-03	n/a	exe	394c61c695af669dcfe4d3dcf73de5099ed8e7fea036dd25f45ff6d234f9547a	n/a	ArkeiStealer
2021-09-25	n/a	exe	3ef65642968377f832f577a3631fac424e24e3c86ead5539d31b0583ddd69de3	n/a	RaccoonStealer
2021-09-17	n/a	exe	e80d7de90473de5e1d9fb140d2537896872f7a7ca665e9342514426604f4f708	20.90%	RaccoonStealer
2021-09-11	n/a	exe	7b8ffb495d71939d9dfb9b4f4b0bd9bd9d3fad675aa487e2b20129c33f877c50	n/a	ArkeiStealer
2021-09-02	n/a	exe	93ddf61c1aa7c0b867ffbd579b9febdeed4b027d14f8b86d62f7da493706731c	22.39%	AZORult
2021-08-19	n/a	exe	d0b7a458e09fd14ae8476200bd5acf2fc93ea0e2fea357079a88df80e720c23d	23.19%	AZORult
2021-08-18	n/a	exe	e8e31ad00eb7d6e4124e0d9dcd2a2e4ca20afa68007c0e655ae8cc5ca4bfdad9	23.53%	AZORult
2021-08-16	n/a	exe	7045ebc8901b28437b116f9ff37d6e16caf2b47e3b7986cc233add8410f1ec9f	21.74%	RaccoonStealer