URLhaus Database

You are currently viewing the URLhaus database entry for http://paxz.tk/exclusivezx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:1989811
URL: http://paxz.tk/exclusivezx.exe
URL Status:Offline
Host: paxz.tk
Date added:2022-01-19 16:06:05 UTC
Last online:2022-02-16 17:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Status unknown
Cloudflare :Blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: abuse_ch
Abuse complaint sent (?): Yes (2022-01-19 16:07:13 UTC to abuse{at}serverion[dot]com)
Takedown time:28 days, 0 hours, 54 minutes Bad (down since 2022-02-16 17:02:10 UTC)
Tags:AgentTesla link exe

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-01-21n/aexe bf355b1a895bb65ab02c1b446ccb192b6d44dc337dd6bdfca97fdb0c2751f28cn/aAgentTesla
2022-01-21n/aexe e0704a694e935943ebadf05fac8e531cef005acab38b99a2e53ac0a101793553n/aAgentTesla
2022-01-20n/aexe 3464aeb37533874adbaa551d7850473649eab0394170c824091ab4978df0294en/aAgentTesla
2022-01-20n/aexe 40a96f12e9f876806c1f6e1debdcb4acaad09d65a29b302ab803978457af4118n/aAgentTesla
2022-01-19n/aexe 6aff239dea583fdf25d73f636e28a43e82ec19cc9d9f1b9a4155706d3498fb01n/aAgentTesla