URLhaus Database

You are currently viewing the URLhaus database entry for http://zang1.almashreaq.top/_errorpages/ucdutchzx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2739476
URL:	http://zang1.almashreaq.top/_errorpages/ucdutchzx.exe
URL Status:	Offline
Host:	zang1.almashreaq.top
Date added:	2023-12-11 11:29:06 UTC
Last online:	2023-12-11 11:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Anonymous
Abuse complaint sent (?):	Yes (2023-12-11 11:30:11 UTC to abuse{at}cloudflare[dot]com)
Takedown time:	17 days, 6 hours, 46 minutes (down since 2023-12-28 18:16:51 UTC)
Tags:	AgentTesla zgRAT

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-12-22	n/a	exe	8cd42ca679618100850eafd118304c86114cf6de94df75014c4eee3d1905c74d	n/a	AgentTesla
2023-12-22	n/a	exe	088912f521813fcc47c7ed2c36f4977e049a359606909dabb46422fa78d05f2c	n/a	AgentTesla
2023-12-22	n/a	exe	a8484d4b644528dca4b09691169ac66e7668a7a79c1c0e5f4ebcbd521c3d2d57	n/a	AgentTesla
2023-12-21	n/a	exe	cf57e08f639a573611ffb7b1ce6380ffea72f835f060902be85c430a5a1ef5aa	n/a	AgentTesla
2023-12-21	n/a	exe	321f4efa303906c3b4e733b3019b186f77a20af6874f6bc226d7ad6be28f1489	n/a	AgentTesla
2023-12-20	n/a	exe	221c0a731d76f94e1cfe228d145b9fef674675e9cd90487ac0a8d216e2416bd1	n/a	AgentTesla
2023-12-20	n/a	exe	f7a9c6b502c418e359d794e56d87e1e883d337fa209403766b47dc3c7421b350	n/a	AgentTesla
2023-12-19	n/a	exe	ce49d8f1f0797e1466c700cd720cf083669adc413aeb9e2baf971a2477baca56	n/a	AgentTesla
2023-12-19	n/a	exe	09d26c6d21cdd5d66e451630f7b4889ee6a8ac0a8d576a3462f02146d0c00ac4	n/a	AgentTesla
2023-12-18	n/a	exe	ee588b9483aba9e88244c34798e3abf7e8e8f9d95a806447fd8ddafc12b5d571	n/a
2023-12-18	n/a	exe	b8ccc33c5c010de7ce3220d9aa50fe7a3a235a1e0ada119495805ac4424d7b55	n/a	AgentTesla
2023-12-15	n/a	exe	d46649035a45f8a3418e436d91f11ab5a5cc1e79e78774c271058072fac11446	n/a	AgentTesla
2023-12-15	n/a	exe	f05b7283ae46191aff8d8dc7aaece516f3f284fadf530ea701cd2ce895267ee1	n/a	AgentTesla
2023-12-14	n/a	exe	6d7c55426919474aa4c78afe957c8a160c918d3d60c4055e7498600230388e25	n/a	AgentTesla
2023-12-14	n/a	exe	caaf161ee6c17c68d80e533a2f7f725e35c6f74a58b8316ed6fb124cdd834ebb	21.43%	AgentTesla
2023-12-14	n/a	exe	9a1138a162bb083659fe3716b97ed51486af388c69929decf4db49577c826bd2	n/a	AgentTesla
2023-12-13	n/a	exe	f7f5408a693a314105d9a7a26ac705e4f678bc8e82eea660651efe20efb93f07	n/a	AgentTesla
2023-12-12	n/a	exe	3f8013a553d5ec62d7acb84186febe78c7c9f9eff5a2aa8043f3e2356b717514	n/a	AgentTesla
2023-12-12	n/a	exe	9f9d9f7f656b0de00a591e7260c10945f390eef8ad6cfa50b934813af2ea2d84	33.33%	AgentTesla
2023-12-12	n/a	exe	fb45e196787a29e72b40c48416c4f7d973b6aa86cbd46deef05f3e373d237f96	n/a	AgentTesla
2023-12-11	n/a	exe	5dbac89a6802a5144699a6e8a4ba1b2016857f03b0e01b6680af7f223f34f22c	n/a	zgRAT