URLhaus Database

You are currently viewing the URLhaus database entry for http://stats.technosolarenergy.net/installazione.dll which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	718499
URL:	http://stats.technosolarenergy.net/installazione.dll
URL Status:	Offline
Host:	stats.technosolarenergy.net
Date added:	2020-10-19 15:35:05 UTC
Last online:	2020-10-20 22:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Blocked
AdGuard :	Blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	JAMESWT_MHT
Abuse complaint sent (?):	Yes (2020-10-19 16:10:07 UTC to abuse{at}cishost[dot]ru)
Takedown time:	1 day, 6 hours, 2 minutes (down since 2020-10-20 22:13:02 UTC)
Tags:	dll geofenced Gozi ISFB ITA ursnif

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-10-20	n/a	exe	d5ba4c77ca4813a76ceb6be5203a3c3d713e043e82cf80a7aab0d92b28f71a64	14.29%	Gozi
2020-10-20	n/a	exe	8d2e11c37f1d10e4dfd3f525ee70c5c9f157996b927d94e2c355a4107dbb617c	15.71%	Gozi
2020-10-19	n/a	exe	10224d8997af3d6985f25cb027fffe6f2e39e7db847695b64fe6eeb7e9546aca	22.39%	Gozi