URLhaus Database

You are currently viewing the URLhaus database entry for http://cusara.xyz/f/slov.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 2283052
URL: http://cusara.xyz/f/slov.exe
URL Status: Offline
Host: cusara.xyz
Date added: 2022-08-29 05:51:11 UTC
Last online: 2022-08-29 19:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: abuse_ch
Abuse complaint sent: Yes (2022-08-29 05:52:07 UTC to abuse{at}mtw[dot]ru)
Takedown time: 13 hours, 23 minutes (Good; down since 2022-08-29 19:15:20 UTC)
Tags: ArkeiStealer, exe, opendir, RecordBreaker, RedLineStealer, Smoke Loader

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
