URLhaus Database

You are currently viewing the URLhaus database entry for http://coltec.ga/~zadmin/temp/0ap.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 445907
URL: http://coltec.ga/~zadmin/temp/0ap.exe
URL Status: Offline
Host: coltec.ga
Date added: 2020-08-28 09:03:13 UTC
Last online: 2020-10-10 03:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: zbetcheckin
Abuse complaint sent: Yes (2020-08-28 09:04:02 UTC to abuse{at}selectel[dot]ru)
Takedown time: 1 month, 12 days, 18 hours, 17 minutes, rated Bad (down since 2020-10-10 03:21:31 UTC)
Tags: exe, Formbook, Loki

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
