URLhaus Database

You are currently viewing the URLhaus database entry for http://log.technosolarsystems.net/installazione.dll which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:716124
URL: http://log.technosolarsystems.net/installazione.dll
URL Status:Offline
Host: log.technosolarsystems.net
Date added:2020-10-19 06:40:04 UTC
Last online:2020-10-20 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Blocked
Cloudflare :Blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: JAMESWT_MHT
Abuse complaint sent (?): Yes (2020-10-19 07:08:19 UTC to abusemail{at}contell[dot]ru)
Takedown time:1 day, 14 hours, 58 minutes Poor (down since 2020-10-20 22:06:44 UTC)
Tags:dll geofenced Gozi link ISFB link ITA ursnif link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-20n/aexe d5ba4c77ca4813a76ceb6be5203a3c3d713e043e82cf80a7aab0d92b28f71a64Virustotal results 14.29%Gozi
2020-10-20n/aexe 8d2e11c37f1d10e4dfd3f525ee70c5c9f157996b927d94e2c355a4107dbb617cVirustotal results 15.71%Gozi
2020-10-19n/aexe 10224d8997af3d6985f25cb027fffe6f2e39e7db847695b64fe6eeb7e9546acan/aGozi
2020-10-19n/aexe 2e92d98fecb9edec0ef64d5441894b316f97755344e365460c463dd9dfebe775Virustotal results 14.71%Gozi