URLhaus Database

You are currently viewing the URLhaus database entry for http://zetlegion.kozow.com/m.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1646849
URL: http://zetlegion.kozow.com/m.exe
URL Status: Offline
Host: zetlegion.kozow.com
Date added: 2021-09-28 15:16:18 UTC
Last online: 2021-11-13 14:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: zbetcheckin
Abuse complaint sent: Yes (2021-09-28 15:17:03 UTC to audit{at}firstbyte[dot]ru)
Takedown time: 1 month, 15 days, 22 hours, 50 minutes (rated Bad; down since 2021-11-13 14:08:01 UTC)
Tags: 32 CoinMiner exe

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
