URLhaus Database

You are currently viewing the URLhaus database entry for http://ggg.galaxias.cc/xnxnxnxnxnxnxnxnmipselxnxn which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3633637
URL: http://ggg.galaxias.cc/xnxnxnxnxnxnxnxnmipselxnxn
URL Status:Offline
Host: ggg.galaxias.cc
Date added:2025-09-28 08:25:19 UTC
Last online:2025-10-02 15:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Blocked
DNS4EU :Not blocked
Reporter: BlinkzSec
Abuse complaint sent (?): Yes (2025-09-28 08:26:10 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:4 days, 6 hours, 56 minutes Bad (down since 2025-10-02 15:22:20 UTC)
Tags:botnetdomain elf

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-10-02n/aelf 7ed24842a0f1a793184138e86e59f3584c71132521f5e741783aae4c4d823214n/a
2025-10-02n/aelf 9e1341ef5a38684e9b8924b46c12c399bb1462887c8992a706219b01835421f4Virustotal results 7.81%
2025-10-02n/aelf 2a7563c25c1fcf56fe001da780fbccf5141bbdbd0e69fcb0f2976d1a62f79734n/a
2025-10-01n/aelf 24efde5a24dd61586f72f3fb69a34aa224db20b7a2d4948dfa98e498dbca6ce2Virustotal results 6.25%
2025-10-01n/aelf c9918049ca03228a08eec853f2c65dba2a23b6a98f6330011bb35834a08ba948n/a
2025-09-28n/aelf e11f3175032156ebbc049d8a2da30b0c0b8f299c67d13f9be405673036cfdb59n/a
2025-09-28n/aelf 1f64c18fe1caec62a514c7051a6fbda9380b6c80780bf90dea835194f041a286Virustotal results 6.45%