URLhaus Database

You are currently viewing the URLhaus database entry for http://ppz.devel.gns.com.br/temps/donexx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2215110
URL:	http://ppz.devel.gns.com.br/temps/donexx.exe
URL Status:	Offline
Host:	ppz.devel.gns.com.br
Date added:	2022-05-28 06:17:14 UTC
Last online:	2023-08-28 13:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2022-05-28 06:18:09 UTC to abuse{at}oi[dot]net[dot]br)
Takedown time:	1 year, 3 month, 7 days, 7 hours, 4 minutes (down since 2023-08-28 13:22:34 UTC)
Tags:	AveMariaRAT exe zgRAT

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-06-30	n/a	exe	18c71c0ddb3865bab4874bc60e18869e791f95dcc48db64afbcdc07b7a83165e	n/a	AveMariaRAT
2022-06-30	n/a	exe	0a6a04b924f8b72cd9a023067e6e0163d9eb44e6d241b07b17f1434b78094c0b	n/a	AveMariaRAT
2022-06-28	n/a	exe	94896124bc6176907f44cf83a035bdb2859ea3c7d6484b4835c6614d530eae85	n/a	AveMariaRAT
2022-06-27	n/a	exe	de7d8f26d62a3e61588bc5163b17cb5d9cc618cf07427292677b971d3536171d	n/a	zgRAT
2022-06-26	n/a	exe	8741d652a6bc1469248c950ca37f037b3a0b3bbf25725afe5ae38f177439cc86	27.69%	AveMariaRAT
2022-06-23	n/a	exe	6437bf93023eb8d8a4bbfbfc1d14efb8dd1f9d52dc3d9a39f83ad5ecc5207ec5	n/a	AveMariaRAT
2022-06-22	n/a	exe	589a9e173f726e2b35ce8579763a51933a3330599d525ba65da5b785a034c782	n/a	AveMariaRAT
2022-06-20	n/a	exe	f53a4ccc40c91fb6a59c11fec43ddd53c409b01690666896777044e339bcb04e	n/a	AveMariaRAT
2022-06-15	n/a	exe	e532450390f44c981a6f7491224a908a03f2ee6f683e890e969930f3fe368e1b	n/a	AveMariaRAT
2022-06-14	n/a	exe	21172b4dc6725cb8a4c579cd67e2ed87354359f7499758c412bfd48b3d707fca	n/a	AveMariaRAT
2022-06-14	n/a	exe	a7d4eebe3af3e4ac457c110f1ae7512f9a648ac525edfa03dc3cf36cf7754ea6	n/a	zgRAT
2022-06-14	n/a	exe	842dcc2824bf07d6a66c9e64fbc51ae403b31878d573d9e5bc1633768dc9a6f9	n/a	AveMariaRAT
2022-06-09	n/a	exe	83eb8e5bf5cf4c0331e92bcd42259afbef661f93018cf969f61553afb79d2546	n/a	AveMariaRAT
2022-06-02	n/a	exe	bb2f83a34180ef996e2ce398e25fba405d816f6a8bd4fb2a6989e2b07893a484	n/a	AveMariaRAT
2022-06-01	n/a	exe	144843eb1d44684de37a78c2586e17b3e561dd557597adcfaff20436719844f9	n/a	AveMariaRAT
2022-05-31	n/a	exe	a9c48392c34974e1c5d5860fd252692334efe0cac5d2a4b3afa22d450e3a6d3f	n/a	AveMariaRAT
2022-05-31	n/a	exe	a05fc0cb4b99b0c27e41a78bf46bf2e4715d79ad2c689fd5aa62a47e37cc3fdd	n/a
2022-05-29	n/a	exe	1851a8dd1eb684515d31bb1b3a2f162eab634af839c9ef1002a8fc40bed8e361	n/a
2022-05-28	n/a	exe	5460ef928999004419a3f3b1b58f85f8099415ec94b88be80a70d776df4c6718	40.58%	AveMariaRAT