URLhaus Database

You are currently viewing the URLhaus database entry for http://lakuiksong.known.co.ke/netTimer.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2718410
URL: http://lakuiksong.known.co.ke/netTimer.exe
URL Status: Offline
Host: lakuiksong.known.co.ke
Date added: 2023-10-09 15:05:11 UTC
Last online: 2023-12-06 03:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: andretavare5
Abuse complaint sent: Yes (2023-10-09 15:06:05 UTC to abuse{at}ovh[dot]net)
Takedown time: 1 month, 27 days, 12 hours, 43 minutes (rated Bad; down since 2023-12-06 03:49:25 UTC)
Tags: AgentTesla, link, dropped-by-PrivateLoader, Phonk, zgRAT

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
