URLhaus Database

You are currently viewing the URLhaus database entry for https://myguyapp.com/msword.zip which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3340030
URL:	https://myguyapp.com/msword.zip
URL Status:	Offline
Host:	myguyapp.com
Date added:	2024-12-10 08:44:08 UTC
Last online:	2025-09-30 09:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	abus3reports
Abuse complaint sent (?):	Yes (2025-09-28 20:06:12 UTC to abuse-network{at}squarespace[dot]com)
Takedown time:	10 months, 9 days, 8 hours, 24 minutes (down since 2025-10-15 17:10:07 UTC)
Tags:	pumpar RemcosRAT

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-10-15	msword.zip	html	b2066155166f6710e10464f3521dd07ab933e505a180685c9afc0446dd9d1b0b	4.92%		RemcosRAT
2025-10-15	msword.zip	html	7d9791d782389b41ff2d404af89bd0ca7d4fcd66aca90924ab0aa897f64a2315	4.84%		RemcosRAT
2025-10-14	msword.zip	html	f0b816758ff729a70ec550eec49ee19e45b26a2c60824945f7536223a21d0f63	4.84%		RemcosRAT
2025-10-11	msword.zip	html	5662877c2be6c685ca2eea4fe9419df3fb838bba9afcf99516c676fbcd1eb302	4.84%
2025-09-28	msword.zip	html	fb2d9e7dd1fde51d38ffe96ca143b341630449bb8166f76958692526de2648d5	6.45%
2025-01-27	n/a	zip	26728964151a72366e103c4f85d817e2a95b52ec38483fa3ac2d96f36c3cac45	n/a
2025-01-21	n/a	zip	cc34c832bfa54b4b3500e07b08b7a2035df0df0afa3f702cfe7712f7563e55a5	n/a
2025-01-21	n/a	zip	4d7f9d802a26a65a9123d3ae80f8e632b9b40dc13270f6f302f6ff979dda0259	n/a
2025-01-19	n/a	zip	fe6d64db25a9496e528e64f09e41048af927ded5dd99ffb1b749b85b0bb23472	n/a
2025-01-16	n/a	zip	84b29066936b7bbb41949974a62cd2dd51808b6d7e6305e25c37c54dcb7fae1e	n/a
2025-01-08	n/a	zip	ab2b6d3c849a207a93cfec18a684ef980ae681c4f901a3b12858a2c3ac05eccc	n/a
2025-01-08	n/a	zip	30cfe37424f16f7df5879897518eacf662aca22993acb2edc8574fc2088791d9	n/a
2025-01-07	n/a	zip	71e079c841ffe0c9f026678256d86d7c6316e576dc6ad814d049a8c833b5a9aa	n/a		RemcosRAT
2025-01-07	n/a	zip	353493a6cabd5220903133d868547bb1d6cfd63cb79c87a26f08d733244f8212	n/a		RemcosRAT
2025-01-05	n/a	zip	b9c27330ed8eae02a918901435a2d1f98ee20cb2390d9f69fc45a043f2009a5b	21.31%
2024-12-10	n/a	zip	ce5e1dba0dff8a00221d668d1e6b64419d57073f602cc12eedfb8ccd46b403eb	26.56%