URLhaus Database

You are currently viewing the URLhaus database entry for http://parisgranhotels.ga/SD3/win32.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	418706
URL:	http://parisgranhotels.ga/SD3/win32.exe
URL Status:	Offline
Host:	parisgranhotels.ga
Date added:	2020-07-24 05:44:05 UTC
Last online:	2020-10-09 10:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Status unknown
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	oppimaniac
Abuse complaint sent (?):	Yes (2020-07-24 05:46:02 UTC to abuse{at}selectel[dot]ru)
Takedown time:	2 months, 17 days, 4 hours, 17 minutes (down since 2020-10-09 10:04:00 UTC)
Tags:	Adware.Generic exe Loki Neurevt

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-25	n/a	exe	248820765eb369e607fc8cbecda1dbf0b24e3efb75a082dee1be3033536dc69a	n/a	Adware.Generic
2020-09-25	n/a	exe	faa14527eaf85d774c857a178edd17f27486078551bd8b892ba0f607cb02ecde	n/a
2020-09-25	n/a	exe	b7bcd6f3f14adfe84a9f66cfabde2af309fb0365208a116dd59b58f1bd2492c8	n/a
2020-09-25	n/a	exe	48135a67f9c6156946af0d9defd2ab2a7153ec0302f96d5504e302a11c1ee8d1	n/a	Adware.Generic
2020-09-25	n/a	exe	0bc00c0fffbc8148353e7009050a597b31eac96221477d9e6c6d2122db7e249a	n/a
2020-09-09	n/a	exe	ded27519cb77f641b655cc1af99bf24599c62530569c12270025047e8ee3d315	n/a	Loki
2020-09-09	n/a	exe	bc36c8d0ca400dd8e12f7d5af0569c24f549305697b46804fa700edf573884fb	n/a	Loki
2020-09-08	n/a	exe	570672980a21fd2c45d02d6c6765bbce984f207f0f6ec0ec7c4a38eafe6c8931	n/a	Loki
2020-09-07	n/a	exe	5d9004bb38a2e4c6ee1528f75e8453e778d9f39a3e7d9f02ee7821eae65cf886	n/a	Adware.Generic
2020-09-07	n/a	exe	f53c786b54756ce78e13149ab3e6aefa649ae596502194d16dbcda9eb22f566c	n/a	Loki
2020-09-04	n/a	exe	bfa23dfb56ce592ffa0203754587c0ac08342bd915b9d32c4b320e5f34cf5329	n/a	Loki
2020-09-03	n/a	exe	883d32a4ab0abe21bb853690ea52bfd18156dc32bfd807f703cbdaf7a95fbcc6	n/a	Loki
2020-09-02	n/a	exe	34920bcd27d9983bce4c18e86b33f9499fce0f628c3afdd2815ee02dd2999da8	n/a	Loki
2020-08-27	n/a	exe	25b1c3b3ae85ffec28b564deb8e4d4b292b4d25f24bf3d4e3cb585495cf914b3	n/a	Loki
2020-08-26	n/a	exe	29d24ab24d689d6a9ccf151449d5db4412be10c0a3d5f1e72e2e0ea63c3fa250	n/a	Loki
2020-08-25	n/a	exe	cada921e810099ae09e8a8146892355bd974e60aa81e55c7576b1927f2a2a0da	n/a	Loki
2020-08-25	n/a	exe	47967cd51d9e4fd7c346abf25773303b9b5be6d1dc8d025d2be7fd6e8ff110b2	n/a	Loki
2020-08-25	n/a	exe	1844d9684eaed87d1549686887b88eb1f7fea807ce3348d6d5d9d41b77f69c57	n/a	Loki
2020-08-24	n/a	exe	717dfeb0b2151474ce2d567a905b0d045dbc8238ce00c71043bfda6151e4de7a	n/a	Neurevt
2020-08-24	n/a	exe	5a7c3fad335793674d1d5c8b65cac4ece3520e6cbe42026263adc350dd52dfcd	n/a	Neurevt
2020-08-05	n/a	exe	c2c39544cf21b89e2bf2ffa4fc09a6250e4ef39de20c301f4d4d70023cc0596d	n/a	Loki
2020-07-29	n/a	exe	aff1db5008848b7d3e33a0de956e63b74969d95e1332ec0dd2d9a353fd74cc1f	n/a	Loki
2020-07-28	n/a	exe	f15576ff3aabce5f3352cf7becec0414d4d2eb6473405276a508fb07a1d446f7	n/a	Loki
2020-07-27	n/a	exe	7601b28c4b8a31a7a673c40a1e7f992c22bd9b3a6e3734ea8f66bb9256efa6fa	n/a	Loki
2020-07-24	n/a	exe	48530d0a7998377381a3113c006f2886c14019938af1bb618fd9911e62ea571d	19.18%	Loki