URLhaus Database

You are currently viewing the URLhaus database entry for http://www.frcomex.com.br/pdf/pdf.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1910961
URL:	http://www.frcomex.com.br/pdf/pdf.exe
URL Status:	Offline
Host:	www.frcomex.com.br
Date added:	2021-12-22 14:49:10 UTC
Last online:	2022-02-08 01:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2021-12-22 14:50:24 UTC to abuse{at}ovh[dot]net)
Takedown time:	1 month, 17 days, 11 hours, 2 minutes (down since 2022-02-08 01:53:19 UTC)
Tags:	32 AgentTesla AveMariaRAT exe

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-01-28	n/a	exe	19a49c9cb9da2bc3b2118a642a80937c4250e754c3773bf87b6ee557593ce75c	n/a	AveMariaRAT
2022-01-26	n/a	exe	475557cf6b3350281115e918b51953c55b5e06ecb815f4dcb682cceb0c096389	n/a	AveMariaRAT
2022-01-25	n/a	exe	4be36802d451c0339a624086b90b07248e15d5b97119326ecc403202c4ce9363	26.47%	AveMariaRAT
2022-01-20	n/a	exe	df9e4e2e3d471bed34b84bb14015928f1a9caeb46b55fcc111d384e199099cd4	n/a	AveMariaRAT
2022-01-19	n/a	exe	33e776ea3003ef1d2c9383df7fd00e36de86ace90b2693798cbe0d49c2284b85	n/a	AveMariaRAT
2022-01-18	n/a	exe	1d7db21c412dd7d1a7e0916c10d1db536e3722042bac7417a510c438f8841921	n/a	AveMariaRAT
2022-01-18	n/a	exe	e367cbf5cc611dda9664931ab3fb0bbfdf1c56c633aa8f7c9473ba736da974ae	n/a
2022-01-17	n/a	exe	17bca3c475e1924959913013bd8abb518f2d206d6aadafd15a9b5468b54b928c	n/a	AveMariaRAT
2022-01-17	n/a	exe	f10f6f1b92d0498bb45ff22ae0d3c9337afc67f17484d17a17a4c95bada4fd90	n/a	AveMariaRAT
2022-01-14	n/a	exe	ff3b1d7c37f76f32fa1e35235219710b93f7ec98d7009e8f02c84c3626b6215c	n/a	AveMariaRAT
2022-01-13	n/a	exe	9011683087e75b6729c3aa410f6263f856999a08e76f82beceebdfdd51e098e3	n/a	AveMariaRAT
2022-01-10	n/a	exe	acb8bbe441cb61ad58a298b9d7460c88caf003cae9e2e8762530a999aa65eec9	n/a	AveMariaRAT
2022-01-07	n/a	exe	677ea3bde24fd6ccb8945d584eab801c52309dd46f98b2ea6f433e173379c91a	14.93%	AveMariaRAT
2022-01-06	n/a	exe	9ef2af9dab98d55dc0305406b2c900f0043b13155866fc6a8189d30ec6046e28	32.84%	AveMariaRAT
2022-01-05	n/a	exe	f46c908b3e728a16ee971d886207c0288dd82e6528b7b6a18b48d1e5a565ca74	n/a	AveMariaRAT
2022-01-03	n/a	exe	1ba55192b1d0898473aafea254c6962e98f7b87c9ed5cf3a6ef071810268fff1	n/a	AveMariaRAT
2022-01-03	n/a	exe	f23d02cdf53583b863b2df8235ed3042c8206529863c02c2ea1d79dcd5a35a4a	n/a	AveMariaRAT
2021-12-28	n/a	exe	9477c3e0309e6efa19d5f49818e2d5982e06dab73af94b774ed036dded0fd98e	n/a	AveMariaRAT
2021-12-28	n/a	exe	9ab3af162e2ac7ac96c86233268da3641e9a008b90d98015691b1f18d13a9e83	n/a	AveMariaRAT
2021-12-28	n/a	exe	65f8433a6d7c4b98a37b8743e62e68d074aa4cc6180476e782783c5f00992f18	n/a
2021-12-27	n/a	exe	64a4ec0b25dc982072c05f57227635c8a0e1a7ba0bd5dcce8ef2c7f27fe7726d	n/a	AveMariaRAT
2021-12-22	n/a	exe	af4df5124db2d9652f4e6981c92b120ca29558d79e393f29f4f6f2d427633ea8	43.94%	AgentTesla