URLhaus Database

You are currently viewing the URLhaus database entry for http://gooddns.ir/atlasx/atlasx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:460184
URL: http://gooddns.ir/atlasx/atlasx.exe
URL Status:Offline
Host: gooddns.ir
Date added:2020-09-11 00:27:37 UTC
Last online:2020-11-11 00:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Status unknown
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: zbetcheckin
Abuse complaint sent (?): Yes (2020-09-11 00:28:06 UTC to solisomama[dot]john{at}gmail[dot]com)
Takedown time:2 months, 1 days, 0 hours, 5 minutes Bad (down since 2020-11-11 00:34:03 UTC)
Tags:AgentTesla link exe Formbook link MassLogger link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-11-09n/aexe 8ef26b2b7ca600a007e62b5dee2e377e6b12299da67dc6dfdfb53ea2c71a8b03n/aMassLogger
2020-11-03n/aexe 4988575523d9a0fe1fc226f972e930cf597cf8c001b306d07d7cc5750a45e38bn/aMassLogger
2020-11-02n/aexe 00e08a19f48abe62f711ef9738a94ef764314b98a430765127f1a90a1329e40cn/aMassLogger
2020-10-27n/aexe f15b2f5c88a588fbeb079df8ca9c2e10180233df4a5d0b4165209e76bc456f4fn/aMassLogger
2020-10-19n/aexe d62d0dfa280cd130a3c9a1d39cddc61ca6212bb7a3fc2fdf39b72ff11dfe7a06n/aAgentTesla
2020-10-12n/aexe 0ffeb38588c3b63f2ec6ce65f8296a6d3c4c0c43eb893486295f37ef0aeaa21en/aAgentTesla
2020-10-06n/aexe 814f3b9dc8aea3d8a2c42d0eda2779733e7c0deaea265cc0b5be77cd1fa6b869n/aAgentTesla
2020-10-05n/aexe e27846749619df94dd373cbbc3a27fe44a5790bac920ad7c2d8ed13296e71387n/aAgentTesla
2020-09-16n/aexe 8aafecddd3b462d27c24000757496edb5c6bce1e6abff9157d5360457b0805d7n/aFormbook
2020-09-16n/aexe 33465508e5acea35177cef68cd87d8b6209a60094dc029acd1e05e926a886335n/a 
2020-09-15n/aexe 98a72a8721ac7c7e1e45a93b1a69ca236d2bfc9fc7bf338e6d63c53486900f26n/a 
2020-09-15n/aexe a93f51a2685bc2a56a36a482e045ae7d5ae2055e7176b54cee959966c2d06f66n/aAgentTesla
2020-09-11n/aexe d732985d24a02a21df8e93598ea0431ae1e9a89a1afcac240e758130517d625en/aFormbook
2020-09-11n/aexe 8dee5311253287c389d5502467e27a8c1bacdbafc1afa2b0449dbf5c64c4fb38Virustotal results 16.18%