URLhaus Database

You are currently viewing the URLhaus database entry for https://www.mediafire.com/file/1d23e6c6npsz5bg/21.ppam/file which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2043508
URL: https://www.mediafire.com/file/1d23e6c6npsz5bg/21.ppam/file
URL Status:Offline
Host: www.mediafire.com
Date added:2022-02-14 17:27:05 UTC
Last online:2022-02-17 01:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter:Anonymous
Abuse complaint sent (?): Yes (2022-02-14 17:28:16 UTC to abuse{at}cloudflare[dot]com)
Takedown time:4 months, 14 days, 14 hours, 54 minutes Bad (down since 2022-06-29 08:22:54 UTC)
Tags:AgentTesla link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-02-2321.ppamunknown a398573c4c303df3bd6f2119fd23a7314b3db9b42f286dd58ccc15de708923fen/a 
2022-02-2121.ppamunknown 8e860697ffb4844dd2899d9b92e1c82a768d9c0853a7e6f0bc0dccce54fa91e5n/aAgentTesla
2022-02-1521.ppamunknown 86dccf052775684f1833a1a7d61d125d37c8a32f96c0adb59a0ce4f9a45abc92n/a 
2022-02-1421.ppamunknown a845815c8b9db339a3e6c095655e1b6fe9ee84e1f3f66efd29b24d505655bfd7Virustotal results 17.86%