URLhaus Database

You are currently viewing the URLhaus database entry for http://cracksmsa.ug/zxcv.EXE which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:1539388
URL: http://cracksmsa.ug/zxcv.EXE
URL Status:Offline
Host: cracksmsa.ug
Date added:2021-08-16 16:03:18 UTC
Last online:2023-06-01 11:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: zbetcheckin
Abuse complaint sent (?): Yes (2023-06-01 08:38:06 UTC to support{at}zerohost[dot]io)
Takedown time:1 year, 10 month, 13 days, 8 hours, 50 minutes Bad (down since 2023-06-21 00:54:19 UTC)
Tags:32 ArkeiStealer link AZORult link exe ModiLoader link RaccoonStealer link RecordBreaker link RemcosRAT link Rhadamanthys zgRAT

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-06-20n/aexe 7e8fdf6b3addb0ddaaf3c920c3537c6708659a565c64aa5b76baf81537a76dc9n/a 
2023-06-01n/aexe 5d2e841645576d0eefcc6bcc6c0d480c0c6874f05a56e92441319a5c41b38979Virustotal results 68.12% AZORult
2023-05-03n/aexe 83263fa7b8c560ae026a24d6ea9e6eafb16aa207cc5557c65c7f71f703f3a593Virustotal results 44.93% 
2023-05-01n/aexe e99f79618b991de5d1052096950590a4fe833b885871a96bb1202e3d6dd876a0Virustotal results 55.07% 
2023-04-30n/aexe ff277e11345c79a60de0ba45011460629487e82e8b0b58a8ddfdfeca2d7623f5Virustotal results 45.07% 
2023-04-22n/aexe 0127ebf8628f963a453520b0149fc11fc5d0a56536ce2a41c9dfdd3c597a0746Virustotal results 23.19% zgRAT
2023-04-18n/aexe b415a5cc8d0c1c960e7bc16bcb9351943b2c998f9430b1a1425b715754cc1e11n/a ModiLoader
2023-04-14n/aexe c90193af8ffe050ad79402dfceb9274be08b300bc02ecb1e6394917ee50934e4Virustotal results 25.71% ModiLoader
2023-04-14n/aexe 8fb048d8878181b7b1f20221d680689dcd61dcbfc10734ddd250e3a2d2d6eb19n/a
2023-04-13n/aexe 3cf6d37f5777abe1c59a28f3b92bc7aa3c8f91692d11e82c9bc362606c1aaf65n/a 
2023-04-10n/aexe 54d01da9e6fbd81837ce2800be97a57d750e97e9d02aec4b34341b4c8684ba0fn/a
2023-04-07n/aexe 4130ce135fbfab00618f261a0397e88479d2f61e1ed0d09ebcde525439774f3eVirustotal results 37.88% AZORult
2023-03-23n/aexe 6ad4c22533cf835aaafd24303e155aa431d3aa38c1746dc8fccf2924e0be4b63Virustotal results 23.19% Rhadamanthys
2023-03-19n/aexe 18f3d8d8d8048a1124bb3ac796995e90a089d27300b9a1d4f414c9c2b420bfd1n/a
2023-03-16n/aexe a54493e71a7f28fe61e607ba4c089ada71e13ff9e1df6cef5619a4163e2b0a1fVirustotal results 23.53%AZORult
2023-02-05n/aexe 4908e51e65bf67fdc3a559be7c47c3df1354a4a864b931cb176d282048f8d9c2Virustotal results 32.86%AZORult
2023-01-13n/aexe 8c5df030de0c79f2155a60e0d5f41889ec8d07d441279d406996dca4639f8539n/aRecordBreaker
2022-12-18n/aexe aa4185102f68d05e1dc41d46e7b65cfb4a12e1f8694b7300264a6044a51f6931n/aRecordBreaker
2022-11-26n/aexe 2fc0f46e2ceded0b284d4f41759de65e73532900202260b98769ebfaf3244951n/a RecordBreaker
2022-10-20n/aexe 9863e586e8d5decaa99012e2ed53efc3825cfe755e2143672420ebe29ea20179n/a 
2022-10-07n/aexe 599fa7fc07b1b8265ea936ce641733fcec03eb0fe8cc4822e5a752b6629e216eVirustotal results 71.83%RecordBreaker
2022-10-01n/aexe 8e2d87f5f34b7764e66644f831467e469dcc18a30a17d02252880851f560783dVirustotal results 22.39% 
2022-09-16n/aexe 60e6da1143cb32a41ecc76952d3b4ae8a8910b790973473e61fc2eb147704af7n/aRecordBreaker
2022-08-20n/aexe 04fb5a1f6082a09a55bec26e0748918da0d1007e2a43c70723dc79cc7c413079Virustotal results 67.61%AZORult
2022-08-14n/aexe d81620ec69feb5e745b23dacc25b874cef4db7b0daeaefbdb739300838f4d343n/a RecordBreaker
2022-07-10n/aexe 28455b1a0b29240e95877cff96528b3a196f0cf3a63d9980dc70349cdc0e1e74n/a RemcosRAT
2022-06-25n/aexe 79103532395036c14b755d90f9cacfdec6b588f1b031a7cba936c1b9d2ef3b51n/aRecordBreaker
2022-06-20n/aexe 529586cbbd8586d7f33a3ea9bdd517b7ead617b4e12165106e81e4bfad859474Virustotal results 60.32%RecordBreaker
2021-10-03n/aexe 314afbf4a221c8ce6f8d2674277a3c2fb119c34222b5c3ed83afd79005e352f4n/aAZORult
2021-09-25n/aexe d3d844bca757cfac2bc5cd8cc9bd9d806358eb3af100fdecddb5d0848cd706afn/aArkeiStealer
2021-09-17n/aexe 2d7fcb87c1ac2786c319720a857328d19e7ac523396992b445fec60de47919dfVirustotal results 46.27% RaccoonStealer
2021-09-11n/aexe 42caa5a2e19134770914b3b33dffaceaae03a44fc52babd8abc250d7d7696945Virustotal results 54.41%AZORult
2021-09-02n/aexe b594ae37dfb90a402bda0803680b455ababcc67e1add26f3c3f8f192d97dbe2aVirustotal results 55.07%AZORult
2021-08-19n/aexe 547bf6d6ed5ae181513ed653109514c73e5f50c3ea3a094bcd382fbd3c4b4bb0n/aRaccoonStealer
2021-08-18n/aexe b7f7c6607354a0b83caccf57efef2d2447d212b7e0ee0f476abf069274cfd90cn/aRaccoonStealer
2021-08-16n/aexe 5e08ef6445c40ba0c1216c04291b0d9ef48f0983a9aebd25f214e6fc988daa53Virustotal results 60.00%RaccoonStealer