URLhaus Database

You are currently viewing the URLhaus database entry for http://ring2.ug/files/penelop/updatewin.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:256415
URL: http://ring2.ug/files/penelop/updatewin.exe
URL Status:Offline
Host: ring2.ug
Date added:2019-11-21 13:53:04 UTC
Last online:2020-01-31 09:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: zbetcheckin
Abuse complaint sent (?): Yes (2019-11-21 13:54:02 UTC to abuse{at}selectel[dot]ru)
Takedown time:2 months, 10 days, 19 hours, 6 minutes Bad (down since 2020-01-31 09:00:22 UTC)
Tags:exe

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2019-11-28n/aexe 08945842b8d0476b9224611f310af65d6174347ed65607eacea9e2ff62424227n/a 
2019-11-28n/aexe 7a1b6b89e2defa889e694e1fd75a522230d501303001cc7a84c4320e0e0f178bn/a 
2019-11-25n/aexe 783d518c983359565c61056b56b2a72ff58f8f38fac6676e7660f12f8bcb954bn/a 
2019-11-23n/aexe 4c390aec4f279abf0ead3a03e52cf2986a1a338e463b6f8dc4231f1740a614aan/a 
2019-11-21n/aexe 114ccacb7ca57c01f3540611fdf49e68416544da8d8077f5896434a4b71b01ddVirustotal results 86.76%