URLhaus Database

You are currently viewing the URLhaus database entry for http://osslusturv.com/YER/pelim.php?l=marb5.wos which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry




ID:81633
URL: http://osslusturv.com/YER/pelim.php?l=marb5.wos
URL Status:Offline
Host: osslusturv.com
Date added:2018-11-16 15:15:17 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@de_aviation
Abuse complaint sent (?): Yes (2018-11-16 15:16:04 UTC to info{at}datacheap[dot]ru)
Takedown time:2 days, 20 hours, 24 minutes Poor
Tags:exe Gozi link ursnif link

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2018-11-19marb5.wosexe a06fa318ee38f86a14290f8059ca0149521e6e61a98f381a9826ef4d03f7515fn/aGozi
2018-11-19marb5.wosexe 48900df8fb89ac19d5ae027c89f239ee79ba4c84e2a62f9fd0f2532c6b430c20n/aGozi
2018-11-19marb5.wosexe 4c011dda3209ecbf50b01215cac7a541d5e2ce193fd65b10110ad34052386065n/aGozi
2018-11-19marb5.wosexe bd3662219cc6e99e944f81e38c1412eecbabdb21d330825ef7c98aa387086953n/aGozi
2018-11-19marb5.wosexe 89733966db4a527a21e8f93cd1fad740bb7579722f53048aafc605440fabf6bcn/aGozi
2018-11-19marb5.wosexe b9dd0ae01b241bcdfe7e11832670661c8248f8d7f452975689f247d4b0b61296n/aGozi
2018-11-19marb5.wosexe f4d0b93a1e4ce73e9fc163f5a6171ea2777ccb373d0efacc514dff5a8d502badn/aGozi
2018-11-19marb5.wosexe f4ff3e02559f26f111386946188e2128e004bcad882e6f8b6686aa70d18a338dn/aGozi
2018-11-19marb5.wosexe 496425e8494762f5433a0f56a5fdb08cd1eb664ae03300f2230a6b24df4aba76n/aGozi
2018-11-18marb5.wosexe 25828a90a53dd8720718a36a40b83c1efc4a9129068595092538a70f03a2ac54n/aGozi
2018-11-18marb5.wosexe 007cd72072f9e76351f4122d2a92b50c2b49c77d1dbea70128495d638267b422n/aGozi
2018-11-18marb5.wosexe 3410fb41324b02158dbadd1eeb480e4cbd6a90bee7edfb07f374cdc53d091e76n/aGozi
2018-11-18marb5.wosexe 555524dcb79853279515f4f4dadd86da9530a1d1745c6f5682d1515ec1cfcc92n/aGozi
2018-11-18marb5.wosexe ea3822dbcf24d076a0d5dc10bfe4b6820656859ba7502fc2c5425ac47e6fcdbfn/aGozi
2018-11-18marb5.wosexe 03d6507b368a9c28071245b1c8c890870a6b15f77025aa7f74ad14ca405359cen/aGozi
2018-11-18marb5.wosexe 1346df0934371aafe9810529ef6ccc423df087425a1df726045916d9b5f20c05n/aGozi
2018-11-18marb5.wosexe b661b659433880027a5fa10187372e2d302dd26ed4e8943109161f8e37b301aen/aGozi
2018-11-18marb5.wosexe 2c7f9718a8b46c6c7847964a66ef167d86471c77657bfccb8492d620b0b02b21n/aGozi
2018-11-18marb5.wosexe 0241cf8e591d0e202acb104200b266f192dea59f5915bea759572114fc68f5bbn/aGozi
2018-11-18marb5.wosexe 918482e9f0a6f9fe4a24249492c3aebedfde60606ce189bfa926bd55d1e3a263n/aGozi
2018-11-18marb5.wosexe 3ef10201e6edf1a5823eaefb8c9202687c90b82d13a89570136e74592585a56en/aGozi
2018-11-18marb5.wosexe cdfcd74418cdfdc4a265eba287da6239dc2c6c02982bf7ff27c981057fc71ecdn/aGozi
2018-11-18marb5.wosexe b39ed951ad3fff496ff24bf38965f6178511321e9f39cb5a8162bd18cff185f2n/aGozi
2018-11-18marb5.wosexe 706c5ebf5ac83fc120fc4fd401131c246720cb7ed09ce50ee44e5ad76d072837n/aGozi
2018-11-17marb5.wosexe 43aa022c62206574d95e5b4fdd845a2e2f0e934c12f8c023e4f63da07a4f2048n/aGozi
2018-11-17marb5.wosexe aa1365470ae290257d977225f2f9a73703e8070848b04eb4501b1c7b721cc819n/aGozi
2018-11-17marb5.wosexe 256da4ead55eb81ef90ba9714c574837f02d44b309ac0f7b44b20f414ecdc673n/aGozi
2018-11-17marb5.wosexe 4f2ec10122ae2bae75f13a100330a609f41deefd68b0d6586fa71bbd10b29112n/aGozi
2018-11-17marb5.wosexe bc0c578ffc260b15ac09f9fc2557dd6f144fedf0ff4b695af6111e60145fa685n/aGozi
2018-11-17marb5.wosexe 5a12d6aca87686f29b9b8db92c081a81000e759a5b0278f0c4eef198694baf0bn/a
2018-11-17marb5.wosexe e68a6d71a8e1d0ca056bb21c992061446f0d91dc58fcc4d86b86c5a2a06d4bb1n/aGozi
2018-11-16marb5.wosexe ed55557b05b050257f97519821e185b1856eed7d78515dff7224d6da853f2684n/aGozi
2018-11-16marb5.wosexe b486d9fb057513e6d192776f4468d277aac6bacd8c0de2f623dc752cf1fe9028n/aGozi
2018-11-16marb5.wosexe 2930a757e561993f4cc52aa85151fba26a4ba8507e07764b1d98b4753ab186b6n/aGozi