URLhaus Database

You are currently viewing the URLhaus database entry for http://detafa.com/cps/nass.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:358705
URL: http://detafa.com/cps/nass.exe
URL Status:Offline
Host: detafa.com
Date added:2020-05-06 07:05:09 UTC
Last online:2020-05-19 14:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Jouliok
Abuse complaint sent (?): Yes (2020-05-06 07:06:09 UTC to abusenoc{at}layerhost[dot]com)
Takedown time:13 days, 7 hours, 28 minutes Bad (down since 2020-05-19 14:34:30 UTC)
Tags:exe Formbook link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-05-19n/aexe dbfa283c5c2952606e5320013691aa62f481cd21b9cdfbb0e2c15272d90bff4an/a Formbook
2020-05-18n/aexe 3f2f3a14735554ed3aff984872c82525605f9574583d6e213219d6f3c0132cd5n/a Formbook
2020-05-18n/aexe b8ee3458736fa73672b43a4c55e136bafc48b215dcb89dac28b5865ab59fc99cn/aFormbook
2020-05-17n/aexe 6d15e8c5e474afa9a5a86223cb28090ed152659e8a225e55470317ec99dddc32n/a Formbook
2020-05-15n/aexe 2dd5454985f9510ea6428ac4c0bc6874640edea1a83023a35a536da1d9697a49n/a Formbook
2020-05-15n/aexe 20da0baacd7e41c7b185d2d4b386079893912fb569f6322999156fdbbe6bbc77n/a FormBook
2020-05-14n/aexe 1fe8a907a2f2dd25379b8f48698f397ba03e5572a633c72c958c063704a8adfdn/a Formbook
2020-05-14n/aexe 5df06b5d632b57e5325fa1e9c3be4f5e80c790ddfb9893cab9b7802b7f17ce41n/a FormBook
2020-05-13n/aexe fbb64fdcbdbf49f5563045ace82690efb50d794931f8407c414384ab7d29fe5bn/aFormBook
2020-05-13n/aexe d949f8296ac98de451f12316debf06b71708d96d3e4b1b4aea77bee6338e0a5bVirustotal results 22.54% Formbook
2020-05-11n/aexe 2227a53cf9f5c999b87d560575a9328cec0e53a3e06eb8eee9944c1dd2e4f4can/a FormBook
2020-05-10n/aexe ed3318102d772c4dcecfb1e10f37cfd3fdcbaff1d340ba9c2bc5dcfe6383f339n/a FormBook
2020-05-08n/aexe b045411ef0fdfc078364082d05e8d3a558a3d5f7d238f5904e19da753eed3967Virustotal results 20.83% Formbook
2020-05-07n/aexe 2715244abebbb8a1f58679bf1734221c652a61c7720edf7400a58c7721f54076n/a FormBook
2020-05-06n/aexe 61e169cb08c5e3b163370cd992574347625e887eca583922412ddfaed2d6bd10n/aFormBook
2020-05-06n/aexe 4923037fb58a4491f08c85e0cf38a74d92dd36860932814170dc942a031bad2fVirustotal results 21.92%FormBook
2020-05-06n/aexe 262c1d496f71838d2fc7b82f7d0fd1544bfb9316f33bab04df69b473db2cefden/aFormBook