URLhaus Database

You are currently viewing the URLhaus database entry for http://karimgouss.ug/zxcv.EXE, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2577943
URL: http://karimgouss.ug/zxcv.EXE
URL Status: Offline
Host: karimgouss.ug
Date added: 2023-03-20 00:20:09 UTC
Last online: 2023-11-12 20:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Blocked
Quad9: Status unknown
AdGuard: Blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Blocked
DNS4EU: Not blocked
Reporter: zbetcheckin
Abuse complaint sent: Yes (2023-11-12 20:05:08 UTC to petr196721{at}yandex[dot]ru)
Takedown time: 8 months, 13 days, 0 hours, 1 minutes (Bad; down since 2023-11-28 00:22:59 UTC)
Tags: 32, AZORult, CoinMiner, exe, ModiLoader, Rhadamanthys, zgRAT

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
