URLhaus Database

You are currently viewing the URLhaus database entry for http://abass.ir/kingx/moneyx.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 433107
URL: http://abass.ir/kingx/moneyx.exe
URL Status: Offline
Host: abass.ir
Date added: 2020-08-14 10:54:13 UTC
Last online: 2020-10-23 12:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: theDark3d
Abuse complaint sent: Yes (2020-08-14 10:56:03 UTC to solisomama[dot]john{at}gmail[dot]com)
Takedown time: 2 months, 10 days, 2 hours, 1 minutes (Bad; down since 2020-10-23 12:57:07 UTC)
Tags: AgentTesla, Formbook

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
