URLhaus Database

You are currently viewing the URLhaus database entry for http://fafhoafouehfuh.su/11.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	196689
URL:	http://fafhoafouehfuh.su/11.exe
URL Status:	Offline
Host:	fafhoafouehfuh.su
Date added:	2019-05-15 12:11:12 UTC
Last online:	2020-05-16 01:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2019-05-15 12:12:03 UTC to abuse{at}freebulgaria[dot]im)
Takedown time:	1 year, 0 month, 6 days, 12 hours, 56 minutes (down since 2020-05-16 01:08:43 UTC)
Tags:	CoinMiner CoinMiner.XMRig emotet exe GandCrab heodo phorpiex

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-04-20	n/a	exe	68657be04f5b550fec4671437e5dc5849408eada96f5ff44cb0972b0e28ca5be	n/a	Phorpiex
2020-04-08	n/a	exe	f8a3b64aa3c1c639a5ce1b100de860d4f97703879df0d01ce0118ae97c1b7423	n/a	CoinMiner.XMRig
2020-04-05	n/a	exe	a8f46fedf70cc67b71c9e147d30b72d6ca8b9708ec73e45e48b83bb97a383a65	n/a
2020-03-20	n/a	exe	11b00a800ef9e28b93329362c4923340080370bd506627273207ca1a422a4534	32.88%	Phorpiex
2020-03-17	n/a	exe	993d2f33be65ced84cdcaff1e57616a80f708ecfacb6f7b12c94aa65e121f080	35.21%	Phorpiex
2020-03-14	n/a	exe	03618500f13e022c459a4bb603f40a464b5c520907a0634d442fb9c4f8f27d29	n/a	Phorpiex
2020-03-12	n/a	exe	260623d46d2b96d2158293bd8eb21611a4d5dbbbd7996abcff2fa5d17d84a0ac	34.25%
2020-03-11	n/a	exe	0fdd21beb009e9675f955733c80e8053b5dafbb12d22b9cb761af3df82be6505	26.39%	Phorpiex
2020-03-11	n/a	exe	9d378340ae4e0da80a590927f139f70a875b3809592139024bf27e4c70997f9f	n/a
2020-03-10	n/a	exe	a9e8cc04eb20306734cbb0aaed90746f2e87260a1d66f20413efdf1c331fe0b0	n/a
2020-03-10	n/a	exe	e115c62d6bd273a988c07570b40cd9caed1873b8bc85384797debb9182a113fd	n/a	CoinMiner
2020-03-09	n/a	exe	468340a7d422c3525d4bb9c274511d77ce715f86f42eb8c790f5cc59bda6c32a	27.40%
2020-03-06	n/a	exe	8a3b9a9dc3f14dce7dff9280df58eeb183b4f3b8c57289d05212ce22e25d1c16	20.55%	Phorpiex
2020-03-04	n/a	exe	40a6fb569e0abd218106b96ea9f7f6e74e094937c63ed4fcd44bdd754542228a	20.55%	Phorpiex
2020-03-03	n/a	exe	1565d1de4d537a94e30ccfa2fcd87fcd56245fb03f72ff680ded7c1d1850ff68	33.33%	Phorpiex
2020-03-03	n/a	exe	2d78656550bb256779b9cadbf5970b5b9b097e600bb6d00bd91775c1eef84609	58.33%	Phorpiex
2020-02-12	n/a	exe	bfcf5fc1fcacbddc064955b2fe662a88f27dde3056d116dfc7857c9261c27d1b	n/a
2019-09-02	n/a	exe	d12100599ef8bf6d65b49159a00713e7e147d19d387af087e7313fa3a5ef473b	72.06%
2019-08-14	n/a	exe	b2ab7405186aa88a72c21e7ef3a5fa5e9f0ca25aadfb49c80e8b09ea507bd054	35.38%	Phorpiex
2019-08-06	n/a	exe	d0fcb364a1d37c93740edcb88695de72de8b53fcf29c6bb0fcbc792897fd9b8b	24.24%	Heodo
2019-08-01	n/a	exe	77689e7752470501d26cf8a5e2eb9b4e1ac372b27b2151268e0acf024e355f99	16.42%
2019-07-27	n/a	exe	1ab8feefd67f3706a42f996a3291d24a7ab2c5eb67d98236eb73995d587576ad	17.65%	CoinMiner
2019-07-25	n/a	exe	29c5bee50ae4ae71dee17438c7833ce25eac1a7dad491703eec74cf266b0e889	n/a	CoinMiner
2019-07-23	n/a	exe	db9e9ebd3bde83b601be37c975f9a90edb75bd09dff87548c4bc1157eaf73fe6	27.14%	CoinMiner
2019-07-18	n/a	exe	0c77b260ee3fdd2754cd4f289efce709519aad34fa3cb84663655a6240e45973	n/a	Heodo
2019-07-18	n/a	exe	cfa7edc52cb8289ea0822520adf2c116c879c522af81a8aea35e9421a9019535	n/a
2019-07-17	n/a	exe	64d187bed40d023e14d41b1a80d528f5c12dcf743fcb4de91530567d3244e09e	18.18%
2019-07-12	n/a	exe	6379c818071dbb2ef35c6f56c1bcee95da8791a5f24f4f74cd6c5deb788384e3	54.93%
2019-07-09	n/a	exe	9dbbb31e9df0c42d83a0fa7b610a9438dc3d727d8dd7eaa81418df25f87d5981	n/a
2019-07-07	n/a	exe	9e38c7f093d4f02631406ca00ed549386e794bf7bc0c53e6147b1cbaf10c8a69	n/a
2019-07-04	n/a	exe	48393fed57d7c4309373e400080449afa794f665f1a573ab26cfb316de4cef80	n/a
2019-07-02	n/a	exe	b1650c6085710bd89fdec14ce9a1a5f52d7199ab98671d994181b1e7116a0a86	n/a
2019-07-01	n/a	exe	7f9af5447e0da4702f9fefab0bb095b1323813c657c7387e74dcc0774f691349	n/a
2019-06-29	n/a	exe	7cb48b10cceccfbbbfb67677ddc9df820ee8c6d45a371dcf75edfd2fac8bf078	25.71%
2019-06-27	n/a	exe	fd6f317840d4aff0a173ec79b2c425461a4ecd46b33ce7b8f83efd8df6f8c9b2	n/a
2019-06-25	n/a	exe	d29b5cfe743635c3ca941df6086f2c6440d376742e7984f27c066d59133a0b40	n/a
2019-06-24	n/a	exe	a7ca204632f7c62e75b02978c62be386b47d4d0741f9bd7d826986cef7ca4304	n/a
2019-06-24	n/a	exe	7ef44ba16d0b062fa006d6da758affa17fbbeec52d3923324c1501d9dcee3a71	n/a
2019-06-23	n/a	exe	c6c6735b4111fbded7e1904b892104bf022e3425af374936d9d3a8b56b4a27b7	n/a	CoinMiner
2019-06-21	n/a	exe	2253bec8888c6c8fa3227dd6f33206e412309f0787ee67deefa63c50e99b4645	22.86%	CoinMiner
2019-06-19	n/a	exe	94869576b92022ee8e17fd3d6663fdae331870eb9d83854787626b32f3ad84f8	n/a	CoinMiner
2019-06-18	n/a	exe	fa9020c32b1c1b810b6c261e77863411bc64e70aed6d2a3bbbb82ebdcbaf8740	n/a
2019-06-15	n/a	exe	24a341780548aa0e17616e48dd1286ef91bfd9efc928820b8aff7c14c85a0189	21.13%
2019-06-12	n/a	exe	f06bc76647c37e85b60aec384eba21a56a3dc2ddb0b962536b05f1b827fee8b1	n/a
2019-06-10	n/a	exe	cdcca64a29f0bcd58c8a806a0bde74c82f51989e15a01f191fc4f8c31cd640a9	n/a	CoinMiner
2019-06-08	n/a	exe	6606987e6513c7738bcdfaa3d8422ef8a0385aa229ebea26de11e27074f6882e	n/a
2019-06-05	n/a	exe	ac0ea171c290812a7cd4cb774a12fb48b58e0e51d961404c069cca78af33d99c	27.78%
2019-06-03	n/a	exe	a8a87269b327752b7c38e1102df56a4fbb06721d753783b59a58c31882b6e153	n/a
2019-06-02	n/a	exe	7b0aab33ef164f9ac355102aca78710761abafedec4463e07312fc6d67668082	n/a
2019-06-01	n/a	exe	3c003520a83ed5b79d6aa53c0df087379137b4ebe26b2b501b27b014ccadec37	20.83%	Heodo
2019-05-31	n/a	exe	021a38e1421d50fe09927ca136fd3282e11f30a48029ae253ed3ef0a6b62c23c	22.22%
2019-05-29	n/a	exe	8eabca3a0e42d3502043af28f360c99317310397a3e8c4b5cddc11a2e75ec5bc	58.82%
2019-05-17	n/a	exe	c16b53acd39eec526698c8e4e90956880b1cdd30554d08086fe94b833ee3a5b3	n/a	Ransomware.GandCrab
2019-05-15	n/a	exe	2aae2375a8cf31575ea9a80bdeddc9ec97586e156e4d0d466d42ffec800ec267	34.72%	Ransomware.GandCrab