URLhaus Database

You are currently viewing the URLhaus database entry for http://zetlegion.kozow.com/b.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1646845
URL: http://zetlegion.kozow.com/b.exe
URL Status: Offline
Host: zetlegion.kozow.com
Date added: 2021-09-28 15:16:07 UTC
Last online: 2021-10-08 16:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: zbetcheckin
Abuse complaint sent: Yes (2021-10-08 15:57:05 UTC to audit{at}firstbyte[dot]ru)
Takedown time: 1 month, 14 days, 22 hours, 27 minutes Bad (down since 2021-11-12 13:44:09 UTC)
Tags: 32, CoinMiner, exe

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
