URLhaus Database

You are currently viewing the URLhaus database entry for http://admindepartment.ir/nwamax/nwamax.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:386634
URL: http://admindepartment.ir/nwamax/nwamax.exe
URL Status:Offline
Host: admindepartment.ir
Date added:2020-06-11 13:10:37 UTC
Last online:2020-11-11 00:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Blocked
Cloudflare :Blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Blocked
DNS4EU :Blocked
Reporter: zbetcheckin
Abuse complaint sent (?): Yes (2020-06-11 13:12:02 UTC to mehmet{at}vitaminbilisim[dot]com)
Takedown time:5 months, 2 days, 11 hours, 24 minutes Bad (down since 2020-11-11 00:36:31 UTC)
Tags:AgentTesla link exe

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-07-28n/aexe faaf71c5fd35706219ccb6b3cf703461b6ee81da98e3eb97d52886ac119c9719n/a 
2020-07-13n/aexe 64fdec834bb254bc6e8061d9b2f1109741d2647caf6be88b11634b8dd4e6f209n/aAgentTesla
2020-07-01n/aexe ece1bdecefaee06257bcff36555fdfd03545311a76dd520fa54c7a454746d253n/a 
2020-06-30n/aexe 2df3fb91b09e4014778087cd23a2863627c1775ed1dd08c33e63168639b1d48en/a AgentTesla
2020-06-23n/aexe 4d69edbfb0ddf03fa20d939ec09c9c2b082f27d141294d2040be60fcce818eb3n/aAgentTesla
2020-06-23n/aexe 4e892591da59a34dbe9f193aee50de68ada3b074011a28f14323539147c554a6n/aAgentTesla
2020-06-23n/aexe 435e6e086381079a2053bf32c6eaad7e3689ae4a3f9dc667f162d0fe0df9c06dn/aAgentTesla
2020-06-22n/aexe 943ecaad3ff5c37496c7d5dfe7ed12037cbd178ec7eeeef6a6763024734f79e8n/aAgentTesla
2020-06-22n/aexe eef87896cd95bbaa30499b7dbc120e8f7fccd06e50d9bbd51deb8259aa324f96n/a 
2020-06-21n/aexe 59a0c8a60370a6074ed0e1809bc5bb863884e594887faacc2b2f783cdf354636n/aAgentTesla
2020-06-20n/aexe b990cb3f165e722fca4f61842f335086974ab5609706a1befc3501c940240117n/a AgentTesla
2020-06-17n/aexe adae0ce9e623d9f066434a6d4cdc08eed907e3eee3e3400ba8a48fad44a7c30en/aAgentTesla
2020-06-16n/aexe 59f75ba8fa0d2caee633e4e93b71981b671c759603409096adf3aa6d27af6b66n/aAgentTesla
2020-06-13n/aexe a2faf4bc514f40d5f9fc99e4b3d77932dc707803042101d84ec086122496fdedn/a 
2020-06-11n/aexe 3527459821914fe366b5f7eaf0dcaa40480a6a1f264f869e452b6cbc88017200Virustotal results 41.10%AgentTesla