URLhaus Database

You are currently viewing the URLhaus database entry for https://gutando.com/ftwo/update which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3713849
URL: https://gutando.com/ftwo/update
URL Status:flame Online (spreading malware for 6 days, 6 hours, 32 minutes)
Host: gutando.com
Date added:2025-11-22 08:10:09 UTC
Threat:Malware download Malware download
URLhaus blocklist:Blocked
Spamhaus DBL :Abused domain (malware)
SURBL :Blocked
Quad9 :Blocked
AdGuard :Blocked
Cloudflare :Blocked
dns0.eu :Status unknown
ProtonDNS :Blocked
OpenBLD :Blocked
DNS4EU :Blocked
Reporter: tf_work
Abuse complaint sent (?): Yes (2025-11-23 15:31:18 UTC to abuse{at}cloudflare[dot]com)
Tags:macOS stealer ua-curl

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-11-28updateunknown 364713c34d8d89b5964129ee29dddef2c99e562e5750c4b7542893c8761d5f9bn/a 
2025-11-28updateunknown be7a8056d48ee028e124eeefda22fd5392d29efe09a87de4970c1cca3bb7fdf7n/a 
2025-11-27updateunknown 0de97baa3b6187ae6e93dfce9345878cce50ca569f4ba498849ed276d63efaf8n/a 
2025-11-27updateunknown c14504e61f030e0393bbf9cb38850f76787b1ec4301dde086eb90759b2c4c084n/a 
2025-11-27updateunknown 942d4ac32d6fe62df1f8cbd6ebcbe2c75fa5c57531b098355644cf43076270b5n/a 
2025-11-27updateunknown 865d7ea1450ebc273258b8f1375b3111be414cfc587568152782b1dd96cce9ben/a 
2025-11-27updateunknown 7301191bdca432eb3e4900edf5c8787064af266e7b686932ac2e4b13e615aa7fn/a 
2025-11-27updateunknown d42aea3da4589043acf1a54ca7d4be6bd84268034821c704d1beecd7aeab75b0n/a 
2025-11-26updateunknown 036da808868377a9e81951b233df0049ec35490e084ed0884060837f86d9da96n/a 
2025-11-26updateunknown 6be12a3c68e8d915a13c8bfad82f6fddfb14170d0c2058970f9a4e24f6f26771n/a 
2025-11-26updateunknown 492e4d8e70a7d187ed90ff825b37b2d41959e4b8727b7215ca86e1e77e168f75n/a 
2025-11-26updateunknown 8649fcfaec70285c9a68d8d5ea3643020267a4c9037e545cc543b2d25def2736n/a 
2025-11-25updateunknown 3b633d7a13cc4e5d86f36ea72552d4fd28a58b8960edf3ac1efc2ebe6c860515n/a 
2025-11-25updateunknown 1afae34ef30ec9cd86047f49616215d5279d31a7ea969b69897e51e6d77b9891n/a 
2025-11-25updateunknown 24fafb1a3afaecfb8cf83cd35392ec9be0076021af9d82dcf91f99bc55e8e9e3Virustotal results 18.75% 
2025-11-25updateunknown c0ce571a3401dfe4f819e6f88e438247d886d7ade6452048576b6e6df0b87007n/a 
2025-11-25updateunknown 9db5117ea991ffbd9a807626ea36a0c1b127f64d4faf21ba8f66d345d71da09en/a 
2025-11-23updateunknown 458edc57c9a5ae62ec81464ef949a673d55e9bf1c8a06ae90b00cdd25bfd206an/a 
2025-11-23updateunknown efcea793d4cb324111a8d3fca9d723278fa4cfbbe6e89461549884fd47a6cd24n/a 
2025-11-23updateunknown e345cef07e00a613600235c1f597323571b510576f78755401cd4ebf7eaf0dc2n/a 
2025-11-23updateunknown 90bfbb50ec1d6590e5b825e477a483d04e3d0d2e9fe33373396764e9b9891f6cn/a 
2025-11-23updateunknown 0576cc18c7be69bf2da1903315ed5030410aadf221220d9a707b0f396c00e0a6n/a 
2025-11-23updateunknown e776cdcf95d2c5f3263fac11e926472b39cc105db0a76af68600dce0cd5d7133n/a 
2025-11-22updateunknown f537bc3e9188ffc4e70a4629b6423d377f783bebd42d1bdaf25f310febbb4b41n/a 
2025-11-22updateunknown c6b1d19c15760a27f97c0dfdbbcf228ec9100808a9e2703df6415a7c57fcb9f2n/a 
2025-11-22updateunknown 90c56d2bff0782ec6c2eaf05ab3a07bddda68aad424922087c64912c14db863bn/a 
2025-11-22updateunknown 25ab39d4aae146433d6c46ee4a9aa41aa7932d2e0be8e6dd5ebe3289b81eb110n/a