URLhaus Database

You are currently viewing the URLhaus database entry for http://mistitis.ug/zxcvb.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2254177
URL:	http://mistitis.ug/zxcvb.exe
URL Status:	Offline
Host:	mistitis.ug
Date added:	2022-07-05 13:44:04 UTC
Last online:	2023-11-12 16:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Blocked
Quad9 :	Status unknown
AdGuard :	Blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	vxvault
Abuse complaint sent (?):	Yes (2023-11-12 16:08:06 UTC to petr196721{at}yandex[dot]ru)
Takedown time:	1 year, 5 month, 1 days, 10 hours, 32 minutes (down since 2023-11-29 00:18:01 UTC)
Tags:	AZORult CoinMiner exe RecordBreaker RemcosRAT Rhadamanthys Vidar zgRAT

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-11-12	n/a	exe	ad7af6aca0ba3d2fe9adb3f391800420800c0f6aa00db064fc1292232a6d881e	40.28%	zgRAT
2023-10-26	n/a	exe	bd8dc93404d2549d18448b85a105d795f4fbe2ba160910e260cb6dd35c73f7e6	n/a
2023-10-26	n/a	exe	8868ea6af3214fc758c93c1cb909231a76e22e718a4917aae5f2a60cf12af094	n/a	AZORult
2023-10-15	n/a	exe	22224f65c07515b2f61e29f7f1a14005d0de54378aa925d9e017bb2ac26b5395	n/a	zgRAT
2023-10-04	n/a	exe	77bfa9410910904d05a73ad3d6c28c1aa02b9d2ec82419f73600615b8b27f9a2	40.28%	Rhadamanthys
2023-08-30	n/a	exe	fa4674f783962f90ae5352387aa31f1c841a4a280197db427ce1ad5e7bdbf0e8	n/a
2023-08-26	n/a	exe	4d030ee3c9982e4a88e105dc0334022604defc69a55eec329089e8366d0c3b81	n/a
2023-08-07	n/a	exe	29f5a8629986da0b4a353e5423fb39c505cba7c06e7aa4b5a4029c5a1669ae95	n/a	Rhadamanthys
2023-07-19	n/a	exe	bcf3266e8996bcdb7acb686034f264b07c228ce37f1212b663b636cc0317ee1a	26.76%	AZORult
2023-06-25	n/a	exe	fc6ddb1f7644597b84d14e3efa4cd1a1d1ad0083141b3fa2a613cd3c092f6505	n/a	Rhadamanthys
2023-06-21	n/a	exe	dfdc08b6daa2ba630dbe27a80c79fa4f9b36d193633b93274995d1c14e88012d	n/a
2023-06-11	n/a	exe	c721953fa7017313eb8ee41d66071dfcce6127a9e578b01570ffb4509ab7f0e8	n/a
2023-06-04	n/a	exe	ea6f9f647abeaf8eeddf59a547458471b9ecfa77f2cf6e7c53d0d178b7ec7559	n/a
2023-05-31	n/a	exe	6a25adcf3954a77554443e98d6ebd7429cedf3663e561212cc1a03763ca8fad5	n/a
2023-05-28	n/a	exe	5d2e841645576d0eefcc6bcc6c0d480c0c6874f05a56e92441319a5c41b38979	35.21%	AZORult
2023-05-25	n/a	exe	ed693d91bf15dd9a38ed00bcef4921247d994db66dbd9ca6635a3f031e127dff	n/a
2023-05-12	n/a	exe	bf1d731a91e424fd67778f176ac652fa5ca39f2ab188ef740184e4b2808c7b3c	44.29%	AZORult
2023-05-11	n/a	exe	79a7c9d15971c14d78baccbf211b3ca1e9adcb0befc6d3d1c5d92902d70678e2	56.52%	AZORult
2023-05-08	n/a	exe	84c18f78f11b9bc3fd3e96925d2a7b76ab5ecfb927c377ad27456e191815b24a	50.00%	CoinMiner
2023-05-04	n/a	exe	840f99dae37626cfb9fd4390067ebdb1c0adcd24f95f505fd32117a170422ff1	n/a
2023-05-03	n/a	exe	83263fa7b8c560ae026a24d6ea9e6eafb16aa207cc5557c65c7f71f703f3a593	44.93%
2023-05-01	n/a	exe	e99f79618b991de5d1052096950590a4fe833b885871a96bb1202e3d6dd876a0	n/a
2023-04-30	n/a	exe	ff277e11345c79a60de0ba45011460629487e82e8b0b58a8ddfdfeca2d7623f5	45.07%
2023-04-22	n/a	exe	0127ebf8628f963a453520b0149fc11fc5d0a56536ce2a41c9dfdd3c597a0746	23.19%	zgRAT
2023-04-18	n/a	exe	d9b498faf01b9eb598761915a6fc2fb4f1ab2317d354348baca6794730fd15d3	n/a	Vidar
2023-04-14	n/a	exe	0cff8404e73906f3a4932e145bf57fae7a0e66a7d7952416161a5d9bb9752fd8	n/a	Vidar
2023-04-07	n/a	exe	4130ce135fbfab00618f261a0397e88479d2f61e1ed0d09ebcde525439774f3e	37.88%	AZORult
2023-03-24	n/a	exe	c3cba8fe3b0622f7f5bde6d67dfd02b454055c1e9fd4402197cf70e5002e9fda	n/a
2023-03-23	n/a	exe	60289bfd6a3a67726074cccced70f113419fea3b76c00855fb7dc5fa332d3f7a	33.33%	Rhadamanthys
2023-03-16	n/a	exe	a54493e71a7f28fe61e607ba4c089ada71e13ff9e1df6cef5619a4163e2b0a1f	23.53%	AZORult
2023-02-05	n/a	exe	4908e51e65bf67fdc3a559be7c47c3df1354a4a864b931cb176d282048f8d9c2	32.86%	AZORult
2023-01-13	n/a	exe	8c5df030de0c79f2155a60e0d5f41889ec8d07d441279d406996dca4639f8539	32.86%	RecordBreaker
2022-12-18	n/a	exe	746669c6be1807fdafbc7ee3f1e958e1b584fa31688742bcc044d269af94b0d8	n/a	RecordBreaker
2022-11-29	n/a	exe	9063dd7d69236cca3007587ccc04334b4289ec456f6983673f3d9f749092a29c	61.11%	RecordBreaker
2022-10-25	n/a	exe	047c3c77cf5c111816547b48e76cc04db1ce7521c1fe89738e53f201064cd8da	n/a
2022-10-09	n/a	exe	130aa5a1aed885c2d4abfb3dc74d446eb5b177aed5e165bc537442212973cf98	n/a
2022-10-06	n/a	exe	d4227ec9dd2159223342099e0ed7d55c0691fe677ab2fc513c149a137e50ced8	n/a	AZORult
2022-10-01	n/a	exe	9a81a9c84d36a49be8286458ce7c919538647711b28fedae9b5521762ff76030	40.00%
2022-09-16	n/a	exe	e553b05dd2afafadb6ad38d3463056e50cfa31ba3ac5489a7a114ec35ef10194	n/a	RecordBreaker
2022-08-18	n/a	exe	65020d58d04109f2e8f46d12e43aeee9e98ec182db4bd4a2b2c336978e696c06	52.11%	AZORult
2022-08-14	n/a	exe	ea34b776b896df9512f0aab37e3b0d56ff012a0906910a957db335f9e7dcf2d4	n/a	RecordBreaker
2022-07-10	n/a	exe	d75d7b0534ff648f16f5751be79a2c23158b6412a780180aec78c77c7e95071d	n/a	AZORult
2022-07-05	n/a	exe	6887d3d4d5baa135418c2305915c56b448960d03c427f6c63c430465ddaa6547	78.46%	RemcosRAT