URLhaus Database

You are currently viewing the URLhaus database entry for http://karimgouss.ug/zxcvb.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2578024
URL:	http://karimgouss.ug/zxcvb.exe
URL Status:	Offline
Host:	karimgouss.ug
Date added:	2023-03-20 02:09:11 UTC
Last online:	2023-11-12 13:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Blocked
Quad9 :	Status unknown
AdGuard :	Blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Not blocked
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2023-11-12 13:21:06 UTC to petr196721{at}yandex[dot]ru)
Takedown time:	8 months, 12 days, 21 hours, 38 minutes (down since 2023-11-27 23:48:22 UTC)
Tags:	32 AZORult CoinMiner exe Rhadamanthys Vidar zgRAT

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2023-11-12	n/a	exe	ad7af6aca0ba3d2fe9adb3f391800420800c0f6aa00db064fc1292232a6d881e	n/a		zgRAT
2023-10-26	n/a	exe	8868ea6af3214fc758c93c1cb909231a76e22e718a4917aae5f2a60cf12af094	n/a		AZORult
2023-10-15	n/a	exe	22224f65c07515b2f61e29f7f1a14005d0de54378aa925d9e017bb2ac26b5395	n/a		zgRAT
2023-10-04	n/a	exe	77bfa9410910904d05a73ad3d6c28c1aa02b9d2ec82419f73600615b8b27f9a2	40.28%		Rhadamanthys
2023-08-07	n/a	exe	29f5a8629986da0b4a353e5423fb39c505cba7c06e7aa4b5a4029c5a1669ae95	45.07%		Rhadamanthys
2023-07-19	n/a	exe	bcf3266e8996bcdb7acb686034f264b07c228ce37f1212b663b636cc0317ee1a	26.76%		AZORult
2023-06-25	n/a	exe	fc6ddb1f7644597b84d14e3efa4cd1a1d1ad0083141b3fa2a613cd3c092f6505	33.80%		Rhadamanthys
2023-06-17	n/a	exe	1bcc8e21c914035b2d4234ead47071bc8ee9f6978b279fd3320cdd08b5804c85	n/a
2023-06-04	n/a	exe	ce07056901d2b5ef7465c6d32c94658aa4634fa0a022472708eb3f09341ba64c	n/a
2023-06-03	n/a	exe	cbf13fe3478f2bb22bd307ecc6fbca61a2b825301c55c5ede3fbbf086ce28884	n/a
2023-05-28	n/a	exe	5d2e841645576d0eefcc6bcc6c0d480c0c6874f05a56e92441319a5c41b38979	35.21%		AZORult
2023-05-26	n/a	exe	5851b462ac0152c7689ec48ab65e8f2050f5c27ed30465f9b54cc27e15f1386a	n/a
2023-05-12	n/a	exe	bf1d731a91e424fd67778f176ac652fa5ca39f2ab188ef740184e4b2808c7b3c	53.52%		AZORult
2023-05-11	n/a	exe	79a7c9d15971c14d78baccbf211b3ca1e9adcb0befc6d3d1c5d92902d70678e2	45.59%		AZORult
2023-05-08	n/a	exe	84c18f78f11b9bc3fd3e96925d2a7b76ab5ecfb927c377ad27456e191815b24a	50.00%		CoinMiner
2023-05-03	n/a	exe	83263fa7b8c560ae026a24d6ea9e6eafb16aa207cc5557c65c7f71f703f3a593	n/a
2023-05-01	n/a	exe	e99f79618b991de5d1052096950590a4fe833b885871a96bb1202e3d6dd876a0	55.07%
2023-04-30	n/a	exe	ff277e11345c79a60de0ba45011460629487e82e8b0b58a8ddfdfeca2d7623f5	45.07%
2023-04-23	n/a	exe	6bb4fb7b7aa4a2cfe672f6c0c6872eb2bd5ec0580552d60d56f69dcd44272e75	n/a
2023-04-22	n/a	exe	0127ebf8628f963a453520b0149fc11fc5d0a56536ce2a41c9dfdd3c597a0746	23.19%		zgRAT
2023-04-18	n/a	exe	d9b498faf01b9eb598761915a6fc2fb4f1ab2317d354348baca6794730fd15d3	44.29%		Vidar
2023-04-14	n/a	exe	0cff8404e73906f3a4932e145bf57fae7a0e66a7d7952416161a5d9bb9752fd8	n/a		Vidar
2023-04-08	n/a	exe	d95a66e4f08fb6adb5978cc1a2ac010149ee2dbe03f81d920c026fb90a6ab3c7	n/a
2023-04-07	n/a	exe	4130ce135fbfab00618f261a0397e88479d2f61e1ed0d09ebcde525439774f3e	37.88%		AZORult
2023-03-29	n/a	exe	aeadf9d986f0ab4d4e110fe13dce641bf95d24af293a23c1638da83883cc65b7	n/a
2023-03-23	n/a	exe	328ac60e1df33c81596f0587a3cdad3827c4236b698860b1794e1725a16c0c45	n/a
2023-03-23	n/a	exe	60289bfd6a3a67726074cccced70f113419fea3b76c00855fb7dc5fa332d3f7a	33.33%		Rhadamanthys
2023-03-22	n/a	exe	1ff0fcdfbcb2a04aa6a1d76f399fb1f9b538424c3305862b09f130120026356e	n/a
2023-03-20	n/a	exe	a2d2bc0e72c489f9c84bf5dbf11be1052c5c12e6c90ee5aab7856650b5b58339	n/a
2023-03-20	n/a	exe	a54493e71a7f28fe61e607ba4c089ada71e13ff9e1df6cef5619a4163e2b0a1f	71.01%		AZORult