URLhaus Database

You are currently viewing the URLhaus database entry for http://admindepartment.ir/mazx/mazx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	386538
URL:	http://admindepartment.ir/mazx/mazx.exe
URL Status:	Offline
Host:	admindepartment.ir
Date added:	2020-06-11 07:55:23 UTC
Last online:	2020-11-11 00:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Status unknown
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2020-06-11 07:56:02 UTC to mehmet{at}vitaminbilisim[dot]com)
Takedown time:	5 months, 2 days, 16 hours, 22 minutes (down since 2020-11-11 00:18:29 UTC)
Tags:	AgentTesla exe Formbook

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-28	n/a	exe	7820aaf8d9b59132a60deac3618900ca47a00a53cf0ea2bd83d0acb3b44828c9	n/a
2020-07-25	n/a	exe	69a5d10707666d99f908169130a310aeafd5e1aca70a07d0cc4f1448a5368cea	n/a
2020-07-22	n/a	exe	b8992ef80ecb20be687239d11b626acca9900856c518527cf5f997b9d343222b	n/a
2020-07-13	n/a	exe	faab680e8a8c577bb914b273f970c269b303c065d18181a0e953ea5cdeecb746	n/a	AgentTesla
2020-07-13	n/a	exe	b0dca7beac04bb222ce15a52bcfab697d531f17ec3c0bbc476b6bdc185e94a09	21.13%	AgentTesla
2020-07-13	n/a	exe	01b41cf35ad23a2472e14dd1da91763d1e9e6fe609a20372992242552a0fd3a5	n/a	AgentTesla
2020-07-12	n/a	exe	8885bc803954f823e791b279d1f5e18b6937b3fe8213570a8cfcfbceec055f6d	n/a
2020-07-05	n/a	exe	353642fc4ffd5650fc0a7454be7a6c871088f60dbec1c92f60edd28b4b14b966	n/a
2020-07-04	n/a	exe	0c7c2a31d0cb4c93d4ebd60477835daed285e413b3074f23195791c63df1639c	n/a
2020-06-30	n/a	exe	15c4fa85cbc2c692575d38601a56e49a52a23d74a2dce110bf17beadf46672bb	n/a	Formbook
2020-06-23	n/a	exe	c19fb97d3e525f1cee45c33c03b3f60b8d2e27a57ccf7c9900ee85c7807bdb31	n/a
2020-06-22	n/a	exe	5f548015f3c7d81e255e3572e5ff9c9d89a93a97e5a104be698883bc20d60d54	n/a	FormBook
2020-06-22	n/a	exe	4e6fcadf1bd005f1c137c18e8c2c33cc2c77f0ae2e2384ca58d3ddd54da063b0	n/a
2020-06-21	n/a	exe	dfeec200e9905b3a82fdedc6e5fab5819e2267fd25f640bb4c7c44b606acdc3b	n/a
2020-06-17	n/a	exe	2f89220d1eddad0ed4aa8be50aac3376dcacf3343bcf76b94c85347be9fdcd3e	47.30%	AgentTesla
2020-06-16	n/a	exe	e2a3738384599b7662c89410426036ef0d55ae0c8a3d915fd2a0a40659deae40	37.84%	AgentTesla
2020-06-15	n/a	exe	cdb5f843ba4e1e52b20171eb495540f3a0873f0235b8be5e69255212899ffa95	n/a	AgentTesla
2020-06-11	n/a	exe	971fd2053d4a62223302474c983169287b78918339c7779fc9eadaafde0c8e2e	30.56%	AgentTesla