URLhaus Database

You are currently viewing the URLhaus database entry for http://salon.bio.poitou.free.fr/images/stories/fruit/1a.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

URL: http://salon.bio.poitou.free.fr/images/stories/fruit/1a.exe
URL Status: Offline
Host: salon.bio.poitou.free.fr
Date added: 2019-11-08 22:10:03 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Quad9: Not blocked
AdGuard: Not blocked
Abuse complaint sent: Yes (2019-11-08 22:12:02 UTC to abuse{at}proxad[dot]net)
Takedown time: 16 days, 14 hours, 57 minutes Bad (down since 2019-11-25 13:09:52 UTC)
Tags: AgentTesla link exe

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen | Filename | File Type | Payload (SHA256) | VT | Signature
2019-11-11 | n/a | exe | dfa55ab6e1223e076161fe84210daa03c249515adee12587c625a5ea11922f0d | n/a |
2019-11-10 | n/a | exe | af78062c480cc247710d3c895841794619c6b0a6f7f7da48c199600b5e62197c | n/a | AgentTesla
2019-11-09 | n/a | exe | f94b19f50807d98a8b17c05598abd775d88553ec29e37cc75b96f07d53c41525 | n/a | AgentTesla
2019-11-08 | n/a | exe | 86e869e250cc1b3ba7ba6720f9a4450c6868dd5223dac7016afd1f771c1b1481 | Virustotal results 54.93% | AgentTesla