URLhaus Database

You are currently viewing the URLhaus database entry for http://www.js-hurling.com/fkafgdfaupdatesosnfkgjfgafgfjrsgbbfsjbbfgsgk/migfbewnaeopmguywjfffrvgqg.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:1698360
URL: http://www.js-hurling.com/fkafgdfaupdatesosnfkgjfgafgfjrsgbbfsjbbfgsgk/migfbewnaeopmguywjfffrvgqg.exe
URL Status:Offline
Host: www.js-hurling.com
Date added:2021-10-20 06:11:07 UTC
Last online:2021-10-20 16:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Blocked
DNS4EU :Not blocked
Reporter: abuse_ch
Abuse complaint sent (?): Yes (2021-10-20 06:12:03 UTC to eig-abuse{at}endurance[dot]com)
Takedown time:10 hours, 44 minutes Good (down since 2021-10-20 16:56:40 UTC)
Tags:AveMariaRAT link exe QuasarRAT link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2021-10-20n/aexe beab6228442545f5ea621e30107c9183ca9925b1d5d505f48cb9e278849d41b7Virustotal results 29.41%QuasarRAT
2021-10-20n/aexe 7c3d82960d1d2d702dc0e3acb111a7750c6d77da64d2543349f7248a21d091ecn/a QuasarRAT
2021-10-20n/aexe c06c43b6815113e32ad3d0ec407fa61a3cfdc43fa4a0b994747883ddb72789cdn/a AveMariaRAT
2021-10-20n/aexe 0cf9f47df9a93dd855aa9fc56d46f880a7bed1fec2a102559e5a3addd81bf4daVirustotal results 35.82%