URLhaus Database

You are currently viewing the URLhaus database entry for http://safetygear.pk/ghjk.exe, which is being or has been used to serve malware. Note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2271066
URL: http://safetygear.pk/ghjk.exe
URL Status: Offline
Host: safetygear.pk
Date added: 2022-08-10 09:37:05 UTC
Last online: 2023-11-12 14:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: JAMESWT_MHT
Abuse complaint sent: Yes (2023-11-12 14:06:05 UTC to petr196721{at}yandex[dot]ru)
Takedown time: 1 year, 8 months, 14 days, 1 hour, 50 minutes, Bad (down since 2024-04-15 11:29:04 UTC)
Tags: AZORult, CoinMiner, ModiLoader, RecordBreaker, RemcosRAT, Rhadamanthys, zgRAT

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
