URLhaus Database

You are currently viewing the URLhaus database entry for http://privacy-toolz-for-you-502.top/downloads/toolspab2.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1648069
URL:	http://privacy-toolz-for-you-502.top/downloads/toolspab2.exe
URL Status:	Offline
Host:	privacy-toolz-for-you-502.top
Date added:	2021-09-29 14:14:15 UTC
Last online:	2021-09-30 07:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2021-09-29 14:15:03 UTC to abuse{at}alibaba-inc[dot]com,intl-abuse{at}list[dot]alibaba-inc[dot]com)
Takedown time:	17 hours, 3 minutes (down since 2021-09-30 07:18:39 UTC)
Tags:	32 Amadey ArkeiStealer CoinMiner exe RaccoonStealer RedLineStealer Smoke Loader Tofsee

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-09-30	n/a	exe	28de63cf9d4273527e534ea9b07c5b9434960dd8ffc169323e6580c356568026	n/a	Smoke Loader
2021-09-30	n/a	exe	d158afc32c31573efe9e0d25404b94a2ebf29e8abe352d67e9e7b2378028bd6b	n/a	RedLineStealer
2021-09-30	n/a	exe	22c23de0a046b3652861d880ad53bbfca85448d0a6814d34151b1f359839dd37	34.33%	Tofsee
2021-09-30	n/a	exe	d4bec541272c470bc24653ca13fe85d4011e300b79026b767c6bd3abcb93b637	n/a	RedLineStealer
2021-09-30	n/a	exe	254a6fba99bc343cff7fd8f52f147a15db60287f378bddbf146e528a31c83285	n/a	ArkeiStealer
2021-09-30	n/a	exe	d852901bdc93f05c0dbb9692dfe08ca5465dadce441ef722b617314578fd5c0f	n/a	RaccoonStealer
2021-09-30	n/a	exe	4ba939154ee9df1004629da3aee541a36eb4faabe421190ddbbbf1ccd195e03a	n/a	RedLineStealer
2021-09-29	n/a	exe	d9d7046f7539fd97259759a51b02650790a961ddb0d8f0b9f31c76faf6d63a91	n/a	RaccoonStealer
2021-09-29	n/a	exe	49a6a2f2f8e82b14fec19f6ce61f69582ca36dc6555d0fac8ea8ec22fc798d7b	n/a	Smoke Loader
2021-09-29	n/a	exe	ec078bf46a67bb519f2f15227a024af19356993f9b5b26bd16d9248f42fb373d	n/a	RedLineStealer
2021-09-29	n/a	exe	f97e89dad337e5936597c7c6ae244f881aaf9b7953a7f2d4a5a715d5e0547163	n/a	Smoke Loader
2021-09-29	n/a	exe	30f7618ac2827de9ca3689727ae967b8a47e80a00fdeeff5738e4520136d809d	13.43%	Smoke Loader
2021-09-29	n/a	exe	90a1610439ecb994b5319da18731d0fdcad2cbcde61472602b28e62e187596af	n/a	Smoke Loader
2021-09-29	n/a	exe	97614bea3ffc4f6274452cb49bccb968f3f3778b3973268642ff27e22751aca7	n/a	RaccoonStealer
2021-09-29	n/a	exe	648b44272f4e84832f832c7c7e7ff93e9d1fae52c082ecc7635c043d1cc77988	n/a	RedLineStealer
2021-09-29	n/a	exe	44e29e5cd002e8d4d4f13432847f38fa79a1667b5fdef9b9f316c3501f3bb480	n/a	RedLineStealer
2021-09-29	n/a	exe	f085d79b0b46ad9eda7f2191e2e668314553251ab5d0f4936f84cd2c1afa2564	29.41%	RaccoonStealer
2021-09-29	n/a	exe	85450b08c8b089b5a642511b086c838e568dbc5a30174a398bb44eb62db6fdb6	n/a	Amadey
2021-09-29	n/a	exe	d14036b4ab78b2c6121138471582c33a4bf0dbd2076f4c9e640d34a994fce2d3	n/a	RaccoonStealer
2021-09-29	n/a	exe	e01749cfd587ae7029247ef900df2eb0e89e2fc594ca665d460a73bfa9564647	40.58%	CoinMiner