URLhaus Database

You are currently viewing the URLhaus database entry for http://assets.gziraq.com/css/63e909b3647d.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3235477
URL:	http://assets.gziraq.com/css/63e909b3647d.exe
URL Status:	Offline
Host:	assets.gziraq.com
Date added:	2024-10-15 04:16:08 UTC
Last online:	2024-10-17 16:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Not blocked
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2024-10-15 04:17:09 UTC to karina-rashkovska{at}ukr[dot]net)
Takedown time:	2 days, 12 hours, 16 minutes (down since 2024-10-17 16:33:35 UTC)
Tags:	32 exe LummaStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-10-17	n/a	exe	5ea9eb814fc613d0787a0e531a56caae0ccbe80a92cce2ac12cafd424b8f8a7c	n/a
2024-10-17	n/a	exe	152217914910421b204e9ccdab9feadb2c7e6ee689da4d9830a28322419597a5	n/a
2024-10-17	n/a	exe	7697ce85f9ed74011c263d652398ffb421b4154f758a0977161dccdb621e0498	n/a	LummaStealer
2024-10-17	n/a	exe	d36456c68b78e7209c51ccd8888843f3282407160a90b40a990be74174c2a43d	n/a
2024-10-17	n/a	exe	21e2a55c3c271c8c9c0f916da7fea021edb99843598ac28afbee581be7259fb8	n/a
2024-10-16	n/a	exe	d74ffcb77c660673ad43f416f81fe967bdc6f340ca5a17b5001a378024ef5883	28.77%
2024-10-16	n/a	exe	2c8cdee9e13cf252dde58b56a79e7a2de5da50718e8390204b0e32c0316b96a0	n/a
2024-10-16	n/a	exe	a1b684ad2ca49d1beb073a5d3e57f7c903a8d49bb774d9751322cbe302dd20ac	n/a
2024-10-16	n/a	exe	2e10cced748010fd44f39b04991fd6c4210f70d73918239424473703460164e1	n/a
2024-10-16	n/a	exe	00b30678d048605a1318c3c273afcc64be3b35beb73c40dcf786d358489ae09a	n/a
2024-10-16	n/a	exe	1cb4ec0583c249bde7a222e8ca0d0018412a6a684c11d3019aba91c0a140d091	n/a	LummaStealer
2024-10-15	n/a	exe	75aa29590d61dce65ae569f63ebda46edd6eba1b853a745ff1091d18fc8b46a3	n/a	LummaStealer
2024-10-15	n/a	exe	32648b04a43ed9cfa7c160cb22f518990b0cb654359964a4e0d25c3d061e1d01	n/a	LummaStealer
2024-10-15	n/a	exe	16248a7cf18e2c3a415f1d90286708c65f471f783376cee7f885d13326088770	n/a
2024-10-15	n/a	exe	d1aba334851f3d29ca2ca8e9d430892a82fe00605e59b3ff7c73fa7a517beaa1	n/a
2024-10-15	n/a	exe	afeaae3288aedb2b4b2cc14a3a31c9c6ccc8a2fdc9b7405ede26dd2d5ca08188	n/a
2024-10-15	n/a	exe	3f9dcecfb238bb18d3da3f8926206ac592de8ff492c15fd5b5bdc9f46febe0d7	n/a
2024-10-15	n/a	exe	be005ba86358270309689b128acbc55c0fada78dfcb02f356dd4a41faed50a6f	39.73%	LummaStealer