URLhaus Database

You are currently viewing the URLhaus database entry for https://login-sofi.4dq.com/tmp/index1.php, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2711431
URL: https://login-sofi.4dq.com/tmp/index1.php
URL Status: Offline
Host: login-sofi.4dq.com
Date added: 2023-09-13 08:35:08 UTC
Last online: 2023-09-14 08:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Casperinous
Abuse complaint sent: Yes (2023-09-13 08:36:14 UTC to abuse{at}linode[dot]com)
Takedown time: 1 day, 0 hours, 17 minutes, Poor (down since 2023-09-14 08:53:14 UTC)
Tags: dropped-by-SmokeLoader Smoke Loader link Stealc

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
