URLhaus Database

You are currently viewing the URLhaus database entry for https://mussangroup.com/wp-content/images/pic1.jpg which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2933343
URL:	https://mussangroup.com/wp-content/images/pic1.jpg
URL Status:	Offline
Host:	mussangroup.com
Date added:	2024-07-05 04:02:35 UTC
Last online:	2024-09-27 08:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2024-07-05 04:15:19 UTC to info{at}veridyen[dot]com)
Takedown time:	2 months, 24 days, 4 hours, 28 minutes (down since 2024-09-27 08:44:16 UTC)
Tags:	64 CoinMiner dcrat exe GoInjector LummaStealer opendir

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-08-27	n/a	exe	bf176161a1a81aa55dd437aa1a20a9b117eb6a6b04e8c7ae4e4bbdf11f84a650	29.33%
2024-08-25	n/a	exe	befa0bf6728b13e31d87710224554af14efaad03b716c6ff2326bfaf87643e55	n/a	LummaStealer
2024-08-25	n/a	exe	9a23be337fcd551842122599ed014c122b040de7c876b4cec0f4790c5ca8bd87	22.67%
2024-08-22	n/a	exe	034cd504d1812ec5bec3327fa9453e08ba19ed4c547045dd4fbcd55aebb87e41	9.46%	LummaStealer
2024-08-20	n/a	exe	b1cd8601e724d3f7f86b9557ed561d118fccc5b09810758c5a3e881ea28de4b7	n/a
2024-08-19	n/a	exe	9c5c97c537897f9280ed511b4680979a098457618854222ea6e1e9ba6aa83b56	18.92%
2024-08-18	n/a	exe	d36743870ebee6f28c662d8ff3ed9dc6b1b3d0b857a32ce9d6f865aa45a1b5bb	24.32%
2024-08-16	n/a	exe	88fc2f8eb9c8bcd55aac25400b1ade16ca86b67ac26dcfbbc48fe0dddec0596c	21.33%	GoInjector
2024-08-15	n/a	exe	7560159d0fa15cf57a38699a70bd608945869270f29573b82109e4521bc4e4a5	25.33%
2024-08-12	n/a	exe	308825727bb71ac438376b3acc46086ac1a4b6598bff97181e46f5eb5a7d4360	12.68%	GoInjector
2024-08-10	n/a	exe	c6a05171019386cb7331765a0c2c92e5a66e562fe6a8c110f3252735be62a90c	n/a	GoInjector
2024-08-09	n/a	exe	c3169aabc913316b0c5826521fd77f22493d9d76546d60fd2445fa204667174b	n/a
2024-08-06	n/a	exe	a67bf50d7df33bd44115863a246d5066c05335e6767da154c302d3b73790ba9f	17.81%	GoInjector
2024-07-29	n/a	exe	34fdd1b30b3ebb182df7661794441cfbbd1b996c8bb94292498f61fcc0a0433c	n/a
2024-07-19	n/a	exe	505968dff5e73b6db05caaa86ea34633140ec3b7bb75b19167af7ce4af641259	n/a	LummaStealer
2024-07-17	n/a	exe	03cc43cede18ab080d9f1e79755b23a3eba74bec02f1ddf89871b2443f974a7b	54.05%	DCRat
2024-07-14	n/a	exe	ac46787d7511520d8dd14cb5a094141f338cc50b3c7b8cb31e3f136f5ad871ba	2.78%
2024-07-11	n/a	exe	9d48a91987aa030e15cede966c225763ef70dec98cc474b807e758be467c8557	n/a
2024-07-10	n/a	exe	45ac8f5f09080c11a6400258d5f09ca3586d82e25bd63a1889a6e4427a7e3a09	n/a
2024-07-09	n/a	exe	480f83695dd50d652910613f062a934c85a8ac9bae32bb542e60255e8e85128e	27.78%	DCRat
2024-07-08	n/a	exe	ae291e6482b4c6353490df035e179163b92b22bb22e0ae5cd6e83d99e47c071f	32.86%	CoinMiner
2024-07-05	n/a	exe	ce9b5ec3693188ed91e363e55286cd212f44912b042bd83a924af2f43daaa55f	54.79%	LummaStealer