URLhaus Database

You are currently viewing the URLhaus database entry for http://admaris.ir/kingx/kingx.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 386640
URL: http://admaris.ir/kingx/kingx.exe
URL Status: Offline
Host: admaris.ir
Date added: 2020-06-11 13:15:50 UTC
Last online: 2020-11-11 00:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Blocked
DNS4EU: Blocked
Reporter: zbetcheckin
Abuse complaint sent: Yes (2020-06-11 13:16:02 UTC to mehmet{at}vitaminbilisim[dot]com)
Takedown time: 5 months, 2 days, 11 hours, 20 minutes (Bad) (down since 2020-11-11 00:37:01 UTC)
Tags: AgentTesla, exe, GandCrab

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
