URLhaus Database

You are currently viewing the URLhaus database entry for http://ji.ghwiwwff.com/m/oskg25 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2594534
URL:	http://ji.ghwiwwff.com/m/oskg25
URL Status:	Offline
Host:	ji.ghwiwwff.com
Date added:	2023-04-02 07:53:24 UTC
Last online:	2023-05-15 13:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2023-05-15 08:39:05 UTC to lph{at}yisu[dot]com)
Takedown time:	1 month, 13 days, 5 hours, 49 minutes (down since 2023-05-15 13:43:10 UTC)
Tags:	exe fabookie

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-05	n/a	exe	a790b1752ac4a38d605b098c1d4d50aa8aeaf7a81aff8a48a57c42599c3e6790	n/a	Fabookie
2023-05-04	n/a	exe	9d4727c8d6ee3f645f9a77c512b84b0742d7502a15aeffcdd15366e6cb488c1f	n/a	Fabookie
2023-05-01	n/a	exe	c3e4b936392928fd4e1190f3ce396efd4495f1132f8aad00aab1d2dceed6bda6	n/a	Fabookie
2023-04-27	n/a	exe	2f463640ede2ba652be4fbadf180af9b992917a4100e702c518405ac9ebe3aa6	n/a	Fabookie
2023-04-26	n/a	exe	f50a1f6a4a18f16169d39eae603f6300def0c4c8a8f6ad8807686f243e836314	4.29%	Fabookie
2023-04-24	n/a	exe	97f12b24e5ae9141902e74706e7b1715a40e172bfd1eafab7271fb584b3b9796	n/a	Fabookie
2023-04-20	n/a	exe	00be39766b1a091a3f59c367143d21d511991a465c8eb0a39c907d4cd398c90a	n/a	Fabookie
2023-04-19	n/a	exe	94b3090468a91d8b931539c75565b8dc879bea77a1e1c106ae822d0526e6e636	n/a	Fabookie
2023-04-18	n/a	exe	81c46102daba9dec4485a7c9c7a198be3d2fc1c7b3a74edc9aad6474937b2499	n/a	Fabookie
2023-04-17	n/a	exe	ea09c280645956baff7e4cdc2bfa9753104b9025ec81d6853fca43f8c2fcb732	4.29%	Fabookie
2023-04-15	n/a	exe	f73ae637e2fabc59414bde71d114a8c941e8d8e73f0ba1bd956c07e5c5cf67dc	n/a	Fabookie
2023-04-12	n/a	exe	870a9633c0d413b49a3de2e9984c932a02fe7da019604707875a7e5f7d38124b	n/a	Fabookie
2023-04-11	n/a	exe	0d68e80b05103406428c1d530d720966eef4a40f458c2ca315a0d449d7dd67a5	10.14%	Fabookie
2023-04-10	n/a	exe	62ce1a784681de19ce663e50dafdbaadf1bef034127227950c47201523112042	n/a	Fabookie
2023-04-09	n/a	exe	3c2eeb6f7925b176c3037df99473584b1621929b79a75573cfe335ff87c30e63	12.86%	Fabookie
2023-04-08	n/a	exe	a52b15ce94bb5927e9dd482ae80661d3912603b5b93055599141cc28d5764cd9	11.43%	Fabookie
2023-04-06	n/a	exe	1f9d101b831275091f28ff87eb66f5a76f8fc724d593704582a8ba541b0b3831	n/a	Fabookie
2023-04-04	n/a	exe	4ec2e908cb0ec7053e456e6f1c1223a24979f7c0628798ffe22d8c8c575031f9	n/a	Fabookie
2023-04-03	n/a	exe	1971e9d310869179bc49eac2515e440b278c6eaff37508d64054606c73ae1888	n/a	Fabookie
2023-04-02	n/a	exe	b4ea2b4b198552bd5507a504480d1efe41343c84c317de4ed44f571f608c8d47	11.76%	Fabookie