URLhaus Database

You are currently viewing the URLhaus database entry for https://filteglob.oakwhisper.in.net/verification.google which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3808261
URL: https://filteglob.oakwhisper.in.net/verification.google
URL Status:flame Online (spreading malware for 1 day, 1 hours, 31 minutes)
Host: filteglob.oakwhisper.in.net
Date added:2026-03-30 09:07:08 UTC
Threat:Malware download Malware download
URLhaus blocklist:Blocked
Spamhaus DBL :Abused domain (malware)
SURBL :Blocked
Quad9 :Blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter:Anonymous
Abuse complaint sent (?): Yes (2026-03-31 10:33:16 UTC to abuse{at}cloudflare[dot]com)
Tags:ACRStealer ClearFake

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2026-03-31verification.googledll 6deac47d1d78c525e5f487d266a9a351a36dfdf43a181842d802ca15b6205466n/a ACRStealer
2026-03-31verification.googledll 747b251c0182f383756031a4911e4f408a599449044bf5553f50f0964b1f1a83n/a ACRStealer
2026-03-30verification.googledll 4e8b93c315302fd961961d214e69975718d7f3422316ad5271a2cf1d4cec0f45n/aACRStealer
2026-03-30verification.googledll 33c47942c21d84fb64295b61e73a2135a32559d010dd0d10e5b15c4c0c9f0660n/aACRStealer
2026-03-30verification.googledll 57acd72ee87496352fdd2e2daad44ade78ba53f00e517c49eace632b274225f4n/a ACRStealer
2026-03-30verification.googledll 69a5b974b9fc2fd64bef7c21f66821136d2691c9bfae068053c628a99b24d626n/a ACRStealer