URLhaus Database

You are currently viewing the URLhaus database entry for http://paxz.tk/greatnesszx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2007390
URL:	http://paxz.tk/greatnesszx.exe
URL Status:	Offline
Host:	paxz.tk
Date added:	2022-01-26 13:21:05 UTC
Last online:	2022-02-16 16:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2022-01-26 13:26:48 UTC to abuse{at}serverion[dot]com)
Takedown time:	21 days, 3 hours, 32 minutes (down since 2022-02-16 16:58:52 UTC)
Tags:	exe Loki

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-02-16	n/a	exe	3b1e9c46793241d99a98c9fbe14cd630d78fc113614ef6c183fec42a3efe8f17	n/a	Loki
2022-02-14	n/a	exe	ccd2967913b9a793688ec7e95f92b8a6e0d595126d45a4b3cb1ab8482bf8268a	n/a	Loki
2022-02-10	n/a	exe	e74f8d865247f9d2a8a4fdb29eafc31e6d67d4db3d80b786f6db6f04d803f7e3	n/a	Loki
2022-02-09	n/a	exe	51f3daecbaaaabc039cbc60dbb3f6ec2e2be67d5987c224fcfc781a3d4de569c	n/a	Loki
2022-02-08	n/a	exe	6fbf32b25cfdfda1534b9f51dc51fee326db170e01156c858edf7997a9621ad8	n/a	Loki
2022-02-08	n/a	exe	d722f74a04f89e8f3af8e4cb5a43aeca14d07eee0e0c8f868040d5eb4baaffd9	n/a	Loki
2022-02-03	n/a	exe	9210eb8c921ed0764cdbb0be707d4599531a0076b4984ee57d1076c89c966aab	n/a	Loki
2022-02-03	n/a	exe	cdc7a28f5bfae148bc0317f4bc0614df9744614a79c758d29f4f154f73712063	n/a	Loki
2022-02-02	n/a	exe	433bbd895d20c467d50a6d9909eab21c1698ba1ff876a95abb912dbd7a10a253	n/a	Loki
2022-02-02	n/a	exe	acc4062193c163a6b87c426b6cd8b6ecbece7b523b0489e35f6b9b7a721c52d4	n/a	Loki
2022-02-01	n/a	exe	ece9c52337f954a6036b2cd05085e68fec2f58e91d57c382e38e649562d80bf6	n/a	Loki
2022-02-01	n/a	exe	97abde0ddb5b910f8fa45bcc1aec6ffda61ca0556b6c9ee7e175e51f9191db70	n/a	Loki
2022-01-31	n/a	exe	16dd3dab8ca4c6adf422e7d1d0c8256ce4d97a8c7f1e946021ca7b3e608db1ce	n/a	Loki
2022-01-27	n/a	exe	1ca6db75e32e4d85e0bf7d08c265bb2f562367844933200e91dfef8e73c3f78a	n/a	Loki
2022-01-26	n/a	exe	b0a6a533dd211b81330d35ed8b6802dba4a1ef4459c88ebd6ab896fa1e3f4b9a	51.47%	Loki