URLhaus Database

You are currently viewing the URLhaus database entry for https://extantlaws.com/netTime.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2645861
URL:	https://extantlaws.com/netTime.exe
URL Status:	Offline
Host:	extantlaws.com
Date added:	2023-05-30 14:06:05 UTC
Last online:	2023-11-01 05:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	andretavare5
Abuse complaint sent (?):	Yes (2023-05-30 14:07:06 UTC to abuse{at}nl[dot]leaseweb[dot]com)
Takedown time:	5 months, 4 days, 15 hours, 32 minutes (down since 2023-11-01 05:39:59 UTC)
Tags:	CoinMiner dropped-by-PrivateLoader xmrig

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-06-06	n/a	exe	c55ef5e7232f8aa0bbc8fabb66324941b043f594e4ad9618ff43910878f9377c	n/a
2023-06-05	n/a	exe	5c4e676e7a3a37e6557530f3e14b919629ee0185c639178465fd1887ec3e9fda	n/a
2023-06-04	n/a	exe	adb8cf4957fbe1db3d65d53f80d8330d0fefe08ba23a95b33b91428be234ee05	40.85%	Zyklon
2023-06-04	n/a	exe	302fb7b05b696404282ab6d9e7ccb80c11cca86203a778cdb9c5099af6cff8d1	39.44%	Zyklon
2023-06-03	n/a	exe	a34aa0d9b8392bcd17dbc71043ef4adc262ea7913ead2ad0bf9a3007b2091597	40.85%
2023-06-03	n/a	exe	4bd0c62a93adbf05a4e917ba0b2fe494866cf0e972f6eebc330def40f803162f	n/a
2023-06-02	n/a	exe	88b6d6f8db5bae7c831f726d1731dbd4b9a83b993ea489fc27e96dc6600af661	41.43%	Zyklon
2023-06-02	n/a	exe	11c9b04bef671d198bcb896e611082eaec0b25a983ed22afe6d375b0f0791435	n/a	Zyklon
2023-06-01	n/a	exe	dc58fa5e6b22879a9396d48b40d8244bb8032f5c66e3d7a0bbfd65f76a34ce61	n/a	CoinMiner
2023-06-01	n/a	exe	3ba7c62379193821b88312653ddbfd07cab7c5a70d239523f60fc5926afd35e8	n/a	CoinMiner
2023-05-31	n/a	exe	925d72a0386f1228192b826ad465aca0343103f87188b94c7df3cf16dd5c3ae6	n/a	Zyklon
2023-05-31	n/a	exe	cb74248d3d1b1c17a1585e9c4467b03cea1a2cb3d58136a5316baa10fa619ff1	n/a	Zyklon
2023-05-30	n/a	exe	a95e8541f0e2e8ac15d15b079ac0ac9826c52f8ed61e2c8a3c0ca72908230296	32.39%	CoinMiner
2023-05-30	n/a	exe	939f6972ee6a83217d0ccb69dea58c381bd6b9977870bad27385ce7df68b16b8	37.68%	CoinMiner