URLhaus Database

You are currently viewing the URLhaus database entry for http://cloud-server-updater18.co.za/doc/officebuilder.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	382233
URL:	http://cloud-server-updater18.co.za/doc/officebuilder.exe
URL Status:	Offline
Host:	cloud-server-updater18.co.za
Date added:	2020-06-05 13:49:05 UTC
Last online:	2020-06-26 23:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2020-06-05 13:50:03 UTC to abusepoc{at}afrinic[dot]net)
Takedown time:	21 days, 9 hours, 17 minutes (down since 2020-06-26 23:07:09 UTC)
Tags:	exe RaccoonStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-06-09	n/a	exe	c7b903780f35f8bf649218061e698fbcc73a51aa70d049d60d91b6d28520b706	n/a	RaccoonStealer
2020-06-09	n/a	exe	bd416dab1dc3cdd71e051b110e1f4b01dfed1c5879e9e2b927a506c608301ccf	28.17%	RaccoonStealer
2020-06-09	n/a	exe	4706a7f07c842e44f698a718c2f056bada6f4c1cf4c49f4741c3f481b24b4b8a	n/a	RaccoonStealer
2020-06-09	n/a	exe	989fc10662489f413eee95d080187777e58aeed34abc091340df7f59a9335b2c	n/a	RaccoonStealer
2020-06-09	n/a	exe	28813d0af6ee901e2a0bac2fb5b3b666868b962cc4aad4b1640c10b6ac741db2	28.17%	RaccoonStealer
2020-06-09	n/a	exe	ec46493c7187f7058d806f79d2962f353319e2d45a9365aeb3b960e7b5587293	28.17%	RaccoonStealer
2020-06-09	n/a	exe	ec2a9eb4ac87e65c0744fb0eadd77198bba4b0d2e338aea57c08fb9ee50de3d9	n/a	RaccoonStealer
2020-06-09	n/a	exe	301c693ec8d29bdfd7c8df93e77cebdb51b06f3045618dd58b06b00fed4bb2fd	28.17%	RaccoonStealer
2020-06-09	n/a	exe	b48f78b3da5dcb47551d967c452461748f81138974a6358b98f11384fcb10f28	n/a	RaccoonStealer
2020-06-09	n/a	exe	7eeae8727c7961c3da56e99de9e3463bf98e267a7ec0145d360293349465ab3d	29.58%	RaccoonStealer
2020-06-08	n/a	exe	a8adb00ab90353a08855236b402867ab71d08638a5317e7f3507e12f9aa9e966	31.88%	RaccoonStealer
2020-06-08	n/a	exe	756471a2357873f3df397480a173e1380286f4384643ab859d57973e7340e31c	n/a	RaccoonStealer
2020-06-08	n/a	exe	1bff41245d3c06fabd5873827fbcb439e967ffed497aa0db52abee316c9127c8	n/a	RaccoonStealer
2020-06-08	n/a	exe	356d4979297a9edd9043d376a7f4a86c0e8c6a93bd9aa345b0969706cd2f9d74	27.78%	RaccoonStealer
2020-06-08	n/a	exe	5c2f8f5dd381878e8507be2a11eba1118f28f6de24c10b4f2207c04b608f0ed0	n/a	RaccoonStealer
2020-06-08	n/a	exe	722126adc22511871123f3057fcb89f2cc45691a6a6de1eee69c72f19cbdb281	n/a	RaccoonStealer
2020-06-08	n/a	exe	adf006c6d84e027daa04b915061928f87d27a285dccc77d39d5b582c8d290f29	n/a	RaccoonStealer
2020-06-08	n/a	exe	e3b99f09f8c197edd4a0bb3953c4b2e7c5590047bf2ccd946b8fd30244c4bfa6	n/a	RaccoonStealer
2020-06-08	n/a	exe	f445d63184908a0dd348bcbde82feb2cd1a2e387099e5df304f1a72f3e214845	n/a	RaccoonStealer
2020-06-05	n/a	exe	a61d49a1253008d99edb3454be53014f5aca06bd41bd70b77ad2266a3579fcbe	29.17%	RaccoonStealer