URLhaus Database

You are currently viewing the URLhaus database entry for http://ji.alie3ksgbb.com/ef/rty31.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2748308
URL:	http://ji.alie3ksgbb.com/ef/rty31.exe
URL Status:	Offline
Host:	ji.alie3ksgbb.com
Date added:	2024-01-12 10:21:09 UTC
Last online:	2024-01-18 17:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	andretavare5
Abuse complaint sent (?):	Yes (2024-01-18 17:47:06 UTC to abusepoc{at}afrinic[dot]net)
Takedown time:	1 month, 12 days, 21 hours, 5 minutes (down since 2024-02-24 07:27:17 UTC)
Tags:	dropped-by-PrivateLoader fabookie

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-02-03	n/a	exe	794fa053bcc3e8c7c7060b7e5e10f9c7e89904078df7ec3627edbee4e30e5170	n/a	Fabookie
2024-01-30	n/a	exe	7fdc59f47dfa34f0a8e1b43294709c5b0b4bcfd16a1626aa080eb0af9f26c8bb	n/a	Fabookie
2024-01-30	n/a	exe	a49392b04b4dcad0ea00d3f05230f9e42f45564effd43edf6d0da607d483037b	n/a	Fabookie
2024-01-27	n/a	exe	7ad10526f95b9d6da3553241e8b76008bbf6997413e1ae2dc8e591274abd26ef	n/a
2024-01-27	n/a	exe	3eae07d099682cf01fd7de29f0ddc1a15d3affaf6e8df2a72ab7ac3778fc5236	n/a	Fabookie
2024-01-27	n/a	unknown	c1c8d6edab56c3d102e4d884ec9126ab198f6460630539016b7a6ecf27566742	n/a
2024-01-25	n/a	exe	36d77641d25eb5d5f799f1f4ac243d083b3a8f585edca5705b6011792c0b7fdf	n/a
2024-01-23	n/a	exe	146396ad87d8967d093d8707a3fe131337e7e0a40793705a5297dbfb7ed6cbee	n/a	Fabookie
2024-01-22	n/a	exe	d0d9c0b93d533bf85b694534a071579db05d2a0172fc20d148557dcd692b1284	n/a
2024-01-19	n/a	exe	f70a335f6ccee63484bfbd32e68d928d68937aea35e830e2f744abaa7494c55d	n/a	Fabookie
2024-01-18	n/a	exe	c35721b28bbababd602630e66a5f6e49d6245ec2d866ac61a661567be50108ec	n/a	Fabookie
2024-01-15	n/a	exe	65ddb11683d2b3fd50168165aa0b50cd2cc7b7a3a64f8feb06ed50788bde5421	n/a	Fabookie
2024-01-12	n/a	exe	aafa82fb621b4843c3ae89bb8beddfe66244e203149880b79a4e8f42f5a7c4b9	n/a	Fabookie
2024-01-12	n/a	exe	8302d62f0ccd3c416440e413b641e698172e5258c81f1271da5fa782c034cc15	n/a	Fabookie