URLhaus Database

You are currently viewing the URLhaus database entry for http://cmailserv19fd.world/pred777amx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:242702
URL: http://cmailserv19fd.world/pred777amx.exe
URL Status:Offline
Host: cmailserv19fd.world
Date added:2019-10-10 10:15:38 UTC
Last online:2019-10-10 17:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Blocked
DNS4EU :Blocked
Reporter: JAMESWT_MHT
Abuse complaint sent (?): Yes (2019-10-10 10:16:02 UTC to abuse{at}colocrossing[dot]com)
Takedown time:6 hours, 56 minutes Good (down since 2019-10-10 17:12:15 UTC)
Tags:PredatorStealer link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2019-10-10n/aexe 09a79257db3eea14161eda6edaa4a11ded28cd78c7268e710ebd15207c625716n/a PredatorStealer
2019-10-10n/aexe 36b7340d02e21e42d765475462bfa38dab11ad469f4274db84fa38e7238157f5n/a PredatorStealer
2019-10-10n/aexe 21ebdc3a58f3d346247b2893d41c80126edabb060759af846273f9c9d0c92a9an/a PredatorStealer
2019-10-10n/aexe 6a930c8d616a043e5bbd57b3249c38b60c3ea950c417ca0a0986b3eacbedca55Virustotal results 15.94% PredatorStealer
2019-10-10n/aexe 089e239c321234ac9917955a8001a90d75e3deaa67e5eba035adf5c28f1595c8n/a PredatorStealer