URLhaus Database

You are currently viewing the URLhaus database entry for http://assets.gziraq.com/css/f2e7fcb20146.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3235679
URL:	http://assets.gziraq.com/css/f2e7fcb20146.exe
URL Status:	Offline
Host:	assets.gziraq.com
Date added:	2024-10-15 06:39:06 UTC
Last online:	2024-10-17 12:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Not blocked
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2024-10-15 06:40:12 UTC to karina-rashkovska{at}ukr[dot]net)
Takedown time:	2 days, 5 hours, 52 minutes (down since 2024-10-17 12:33:04 UTC)
Tags:	exe MarsStealer Stealc

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-10-17	n/a	exe	5abd4f3531ff64887130ada0f3e001692d2da6456fb43be7aa8fdf04dd2a6387	n/a
2024-10-17	n/a	exe	e1a94ed41e8f4cb0f8f8fa1de94b892bca2240c1aa87b0960a5b011a9f6a6977	n/a
2024-10-17	n/a	exe	3c82ad1fa34a35ec5b061b704556555af6c530984bbd20f5d77dde9e9f22345a	n/a
2024-10-17	n/a	exe	0fca18ca6b1e0728bda72cdf2889a3511edfcfaff6d76bb203d0c32517b74bcc	n/a
2024-10-17	n/a	exe	1face211d4a1c54cc3980c1e09a914be3938cfa9203f7bd7b487abe2295037dd	n/a
2024-10-16	n/a	exe	0595a629eb05116483ffa4fa09300183144a0c44e1211e127a4846f6f6346025	n/a	Stealc
2024-10-16	n/a	exe	7b75bc40b742aef7592d05b922085a332da6e9683070e4994e2db560e8f8299b	n/a	Stealc
2024-10-16	n/a	exe	b87b3a073ccbb5706ccd3b4a42ffbf4ed223ca60dff26e957aa62ac978fcfe89	n/a	Stealc
2024-10-16	n/a	exe	0868521abcd0c58e435aab5b41ffbbbfe82b7bc44e29d050959f7fc8c36c69ab	n/a	Stealc
2024-10-16	n/a	exe	d0e7834b48f141348eb80e0d44c2bd2f0d0f4c0bd5b8644b252d1cbb386d61bc	n/a	Stealc
2024-10-16	n/a	exe	2c0bdbbc8b758911bb2a7e6e08f6629b1f6e9eb503d76da9ec8bd669b133d5de	n/a	MarsStealer
2024-10-16	n/a	exe	16bbb216deb24ea1135f0bed7499e10e4760a972ba0c1520675674c26cb1b54e	n/a	MarsStealer
2024-10-15	n/a	exe	31783d004693bea413c091b2c04c3325d9a2bccced15fdf01bfb164c2ffdb77f	n/a	Stealc
2024-10-15	n/a	exe	5d94e26ad53bb71a9e2750a02ca0d9383eb60b2a46274819291e2ece4913fc62	n/a	Stealc
2024-10-15	n/a	exe	de16a6f1d14925758f4ea8055474c8a179345e7a811aa7a89dbb8dbb87d480d9	n/a	Stealc
2024-10-15	n/a	exe	8d24f74f7892c9d23c151cf2dd00928c7dd7b61dcfba7c4f96acbb82886319d1	n/a	Stealc
2024-10-15	n/a	exe	2ab30c776c2b8751c67c46212251ab0b91c5e8090505d82eb0ade18e33dd9002	n/a	Stealc
2024-10-15	n/a	exe	83066400619f7d6c31ed29519f723a8f53d86c419682613011069c05a0d9a118	n/a	Stealc
2024-10-15	n/a	exe	ff75ff2087513de8c89743fdb94bd7728e1c36dddf5ef8d6a37684c4b2e79d6c	n/a	Stealc