URLhaus Database

You are currently viewing the URLhaus database entry for http://opsdjs.ug/ghjkl.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2758162
URL:	http://opsdjs.ug/ghjkl.exe
URL Status:	Offline
Host:	opsdjs.ug
Date added:	2024-02-08 04:56:08 UTC
Last online:	2024-07-15 11:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Blocked
Quad9 :	Status unknown
AdGuard :	Blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Not blocked
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2024-02-08 04:57:04 UTC to abuse{at}pro-spero[dot]ru)
Takedown time:	5 months, 8 days, 6 hours, 42 minutes (down since 2024-07-15 11:39:47 UTC)
Tags:	32 CoinMiner exe Rhadamanthys

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-07-08	n/a	exe	33682e861b76b0ae22b7361f5b59bb7e69b95e69480156714f01e7044408b546	18.84%	Rhadamanthys
2024-06-29	n/a	exe	8491781afed15ad4fa80b176c3516cd3b44e7880a559ab22899b216be74cec48	13.70%
2024-06-26	n/a	exe	f567eb23dd95fe66f925bce074253f46263b0916de62d8850dd8c3ac35efc72e	13.70%
2024-06-26	n/a	exe	c04200d5cf07683046a213f28b227e5333d32de291dd448c4cb9bea5bafc76b8	13.89%
2024-06-26	n/a	exe	47a817f85453e16e52d201810fd5a719a1fcb01c49dfd350a2fc36fef42ac442	12.68%
2024-06-26	n/a	exe	a2e4f1eead7d430cf08d33e04c48adb2af23b71ec4c633bc6b88d870c1d61a56	11.94%
2024-06-26	n/a	exe	f1a3575752ad9f9ed80f361cda52efb5b46a8cc15a23b2c047d1f146008128fe	11.94%
2024-06-26	n/a	exe	a31d2bd866d61f88043596ef2723271f53f79d8f584c3fd1cae625d23772d256	13.70%
2024-06-26	n/a	exe	8c13fdcfeb87abd390f487e9d51d7edcdd6073951a5f96e5c0b1f7d899874932	12.50%
2024-06-26	n/a	exe	24f6c1b06912c2d8d46c6ac10737fd8efaaf7d18b227279f9dae584a5625c0c6	n/a
2024-06-23	n/a	exe	7ccfae8644c3bc7439b88f2dc0de06bb5082de09b0bf5e143de17487ff252224	32.43%	Rhadamanthys
2024-04-18	n/a	exe	ddac70c7b96857eefc2f8d48c804335938ec01d5ac360bd348fb1bd3c4b38608	n/a
2024-04-18	n/a	exe	e553dea981ef7d284b156971514c8cf2ea090a921dbc153603dfd9f5387a3f41	n/a
2024-03-27	n/a	exe	432747c04ab478a654328867d7ca806b52fedf1572c74712fa8b7c0edb71df67	29.17%	CoinMiner
2024-03-19	n/a	exe	650f0248f6b9b3287e7bca580b50e435652ce809a59cd889596188e31711cbde	46.58%
2024-03-18	n/a	exe	be73738191878fdc49c8994b60069df39e835b6bae6a4a8ded041c87b8514e1d	43.06%
2024-03-17	n/a	exe	4dc4a5731364b47800189b82f0fe51fa1bda5ea828af59b57f22c88b7b13894e	42.47%
2024-03-17	n/a	exe	d8c2bd9e0cc617f9ab3c5b0537a9e1265dd9af848bd9ff40dbb4b846c8ffa825	52.05%
2024-03-16	n/a	exe	cb2c6008b4669cd085f5f31dadc672c7d2073a6e8f12e5718d3cd8f3371803f7	n/a
2024-03-16	n/a	exe	0d8e77dcc323b730abbeda30dc24c27e654e21e28d18d0432316171fb42c0b2d	n/a
2024-03-16	n/a	exe	12511b24a2b40faad14c21e35306b10d4364c5aa316347d91fd09d0d30f0bee5	n/a
2024-03-15	n/a	exe	b3563d18c326514f9a863c2ced5ae7555f9234a4a44016422f99ae30a7941311	n/a
2024-03-15	n/a	exe	5020c4d37d5c043efd7855b4374540effce76c8b8265a986a51f1d5723fe05b8	n/a
2024-03-14	n/a	exe	78dc6f74adcab5adf787ae6eb2b30b9af1d7fffe33ba9950b50bd73d1550bcb1	n/a
2024-02-08	n/a	exe	217fbf967c95d1359314fcd53ae8d04489eb3c7bdc1f22110d5a8a476d1fc92e	79.17%	Rhadamanthys