URLhaus Database

You are currently viewing the URLhaus database entry for http://squadlegion.kozow.com/m.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1646847
URL: http://squadlegion.kozow.com/m.exe
URL Status: Offline
Host: squadlegion.kozow.com
Date added: 2021-09-28 15:16:10 UTC
Last online: 2021-10-08 18:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: zbetcheckin
Abuse complaint sent: Yes (2021-10-08 17:45:06 UTC to audit{at}firstbyte[dot]ru)
Takedown time: 1 month, 15 days, 22 hours, 48 minutes, Bad (down since 2021-11-13 14:05:26 UTC)
Tags: 32 CoinMiner exe

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
