URLhaus Database

You are currently viewing the URLhaus database entry for https://dynga.pl/common.dat which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:3851172
URL: https://dynga.pl/common.dat
URL Status:flame Online (spreading malware for 1 month, 27 days, 2 hours, 28 minutes)
Host: dynga.pl
Date added:2026-05-21 05:30:10 UTC
Threat:Malware download Malware download
URLhaus blocklist:Blocked
Spamhaus DBL :Abused domain (botnet C&C)
SURBL :Blocked
Quad9 :Blocked
AdGuard :Blocked
Cloudflare :Blocked
dns0.eu :Status unknown
ProtonDNS :Blocked
OpenBLD :Blocked
DNS4EU :Not blocked
Reporter: abuse_ch
Abuse complaint sent (?): Yes (2026-05-21 05:31:12 UTC to abuse{at}ovh[dot]net)
Tags:Efimer

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2026-07-01common.datexe 0596138dff680418cc003aae1f61dd8c433a28b86b62d747a05e31bdbec26b5dn/a Efimer
2026-05-21common.datexe 10ad8c91b8c9ebc2a02e461c1e32b72ef594f516115e6ab5759df4076798da7an/aEfimer
2026-05-21common.datexe c119513a8ae86550b625750af86ff5af2eebecbbf46fc7fe3cf760e31f4ae63fn/a Efimer