URLhaus Database

You are currently viewing the URLhaus database entry for http://abass.ir/kenlawx/kenlawx.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 366451
URL: http://abass.ir/kenlawx/kenlawx.exe
URL Status: Online
Host: abass.ir
Date added: 2020-05-22 07:28:10 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Spammer domain
SURBL: Blacklisted
Quad9: Blocked
AdGuard: Not blocked
Reporter: @zbetcheckin
Abuse complaint sent: Yes (2020-05-22 07:30:08 UTC to noc{at}dedfiber[dot]com)
Tags: AgentTesla, exe, Loki

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

| Firstseen | Filename | File Type | Payload (SHA256) | VT | Signature |
|---|---|---|---|---|---|
| 2020-07-09 | n/a | exe | 875a779c527c702b773fb384d9a397a1b96cc53bc9a15af13509d8b7d8def1c1 | 41.67% | Loki |
| 2020-07-07 | n/a | exe | 349f917c3fdd3537d950298857cc6ec1291d121dae7fbc45d3d34a94b72e2944 | n/a | Loki |
| 2020-06-29 | n/a | exe | b52ebab09fda5da9ab198c909d8dd52f8ba72f318d14279b856f824fa6029d0c | n/a | |
| 2020-06-23 | n/a | exe | c88194ac071ebe414770c1caa50c1263d4438df6578b728716617777043adf98 | n/a | |
| 2020-06-22 | n/a | exe | 83058e4988c7739474e0b40b7e09e77ef815e295080c1a873dca9bb6ddb15d9f | n/a | |
| 2020-06-08 | n/a | exe | 9346abda4d705ecc5d46797989616589058a19fa3857c232ff5bec166051830a | n/a | AgentTesla |
| 2020-06-07 | n/a | exe | b0eec8bd5f60b70b27546edbe4d16f2316d58dbeb8ebc478df7ed3cb7c1e762d | n/a | AgentTesla |
| 2020-06-05 | n/a | exe | e583af99eacb5d6801001cc6c8b052e3267cda7111832ffded94fa68ebe2d9e6 | n/a | AgentTesla |
| 2020-06-04 | n/a | exe | f08d00214bd5328508e6a3a5f32a13f36afa6eb18d33f141c30c8d4768ed25f3 | n/a | AgentTesla |
| 2020-06-03 | n/a | exe | f001467931773b16a3c256249aebd68e1c0758806b84b0e8b046018481634d6d | n/a | AgentTesla |
| 2020-06-02 | n/a | exe | 7867b1b4c3c9620f168f2724bf8f68301a942922cd542cb278f819bfbb051040 | n/a | AgentTesla |
| 2020-06-01 | n/a | exe | e94d73fbdb8045ac86a6fe1387733eda8fdd08629c9b50e6820ef94a1a675d90 | n/a | AgentTesla |
| 2020-06-01 | n/a | exe | 55867512820bca590763617ac4e1fcec8698b67ce7791bd868fdd0df8c9190a8 | n/a | |
| 2020-05-31 | n/a | exe | 42efe7ffb9ed15a7f86cbcbf1e1eda0578e3c1e9d27e4895c85dbff438dcbc30 | n/a | AgentTesla |
| 2020-05-28 | n/a | exe | a2b2d55d5396e41e9e5c05caea792ee7ea5656ea034e8d71865011503a62afe9 | n/a | AgentTesla |
| 2020-05-27 | n/a | exe | 295e1b923fa922152965623b87419a74219c1759035f00a2fb0c437a448dfa09 | 26.39% | AgentTesla |
| 2020-05-25 | n/a | exe | 98216a29a1c72f9ced8cce663f3f42d8c3d74d87251040c2d3f316839ae41be7 | n/a | AgentTesla |
| 2020-05-25 | n/a | exe | c7f9480f10570207430abca241c7cdb04a792647914c0bc09eecaed28a7334a7 | n/a | AgentTesla |
| 2020-05-22 | n/a | exe | bdbe8a51b702700c3149e98a7d2c3daf79ce1980b38c818223343532fd0487c9 | 46.58% | AgentTesla |