URLhaus Database

You are currently viewing the URLhaus database entry for http://osslusturv.com/YER/files/marb2.wos which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry




ID:81639
URL: http://osslusturv.com/YER/files/marb2.wos
URL Status:Offline
Host: osslusturv.com
Date added:2018-11-16 15:15:28 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@de_aviation
Abuse complaint sent (?): Yes (2018-11-16 15:16:04 UTC to info{at}datacheap[dot]ru)
Takedown time:2 days, 20 hours, 24 minutes Poor
Tags:exe Gozi link ursnif link

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2018-11-19n/aexe 3dea2507023bfaac4469c7f65d5ba6387b5ae40f83a0a02ba46fb6ef079ca45bn/aGozi
2018-11-19n/aexe ac94f60bed2738e7473de9771a624d3e62d050c8c2faf8c9b569436e99faf512n/aGozi
2018-11-19n/aexe dfae90c137a213cf9ba33c5e3f051e5d14a1d44ba88b8986f269368303991881n/aGozi
2018-11-19n/aexe a7d193a51a2490b27c6d190d211720d52a4ccff249e81d9b33a4c957ddb28dfen/aGozi
2018-11-19n/aexe fbd1d4f5aafeb0d3418c028bebec10925e3107225d7c9f499ee9f7a96f7b01f6n/aGozi
2018-11-19n/aexe 0264014eaa1827ec4472f9eb3b08e101cfb5ef7c292dafc0ba5c878f50a72242n/aGozi
2018-11-19n/aexe f7953f4ff934259329ad865ebd08707202eb6498d14e12f3d34c37483b040f4an/aGozi
2018-11-19n/aexe a23d59a007b6fa9170f3374155740e825afc83dba8dba07e9efe962ba5026254n/aGozi
2018-11-19n/aexe 8d7dc7a51eadb8eea2fb08b5189d43cc4159219ffa61619f231f245ea51716ean/aGozi
2018-11-18n/aexe 9a65c2eb954c0c9975791d148a74ff5666f551d50cc3df39a81740453329c1f8n/aGozi
2018-11-18n/aexe 9ca4b47ae30e285febec87e0bc87757e40728704f6e597bf7da2ac161f81381cn/aGozi
2018-11-18n/aexe 37b5bf4dff34d06bfd1bd5fa0b6b79b1289d2a0f94e43a65f075e7ee7040497cn/aGozi
2018-11-18n/aexe 5130442bf6d44e9ec2f03c21ad72731662557b5a07400db0651696c7f26d7e87n/aGozi
2018-11-18n/aexe 0149cfd112a3641739f6cd5e3490413d057d2f29050ebac36bec01ac6a04697cn/aGozi
2018-11-18n/aexe bfe84dd8a0c67e0ad206506410ab427edfbd8854b0ac05ee7a486584565f1c1fn/aGozi
2018-11-18n/aexe c0e4828ee9b93fa859371e852564de41df38b57e88f5d0cfee65c740b9984aa1n/aGozi
2018-11-18n/aexe 1e6228c3b1794295ab930f19cf9f4c2e0d3924e2179fe9f5d4b770dacb4490e4n/aGozi
2018-11-18n/aexe 20421d9a759ab9307388c17e189b6a277811a2aa597e72ac9fb6570997346873n/aGozi
2018-11-18n/aexe 0a9aab186bd0211c8076c8fec74bcba935ce1bbc51eba9aaa7754a64e4207b00n/aGozi
2018-11-18n/aexe 6939c81ccddd7b9e914d77e8631e362872a358c08a2550dd534aede97d2ec3f9n/aGozi
2018-11-18n/aexe 5c014fcfad727380754a23621ce498d5f0b649cdc05fb96851be16a33f2a745fn/aGozi
2018-11-18n/aexe cf61741f0f3b2fa8effb991591f33aedf5d0c68eb73d295bdff5a65bd2b7f7e6n/aGozi
2018-11-18n/aexe 6992220b2e3cfa870c88ba1fc728444fd8cf34f4e8134bf5c2019763e1136721n/aGozi
2018-11-18n/aexe 776c0d7abbf740c457c91c8a5330012f25e1053961f8b77fed4cb7f9d44af98an/aGozi
2018-11-17n/aexe 69f587c87e7c01107acc410c75d028e30904a435ed077fb1a3a20e9a85ea1293n/aGozi
2018-11-17n/aexe f28173bf52690e77122f786f0bb10f4345ac5233df8dcb6158d7adf95d15879bn/aGozi
2018-11-17n/aexe fc739c25c2881f1670d2b4407e4d0207890917ae69288f798ce4eb1a3604c3c9n/aGozi
2018-11-17n/aexe 00427851c70e2568b442f5311f56baa8a5469d59b2ca0f298d7b6e2610b311acn/a
2018-11-17n/aexe 981039770e1f5e9b4b83553e7a4368063b4893c6c418eb54a94a626f027a8e07n/aGozi
2018-11-17n/aexe 5ac223080c53fdaefaf784bf91218dfc51569c6c30572f73366fd96836d79bfdn/aGozi
2018-11-17n/aexe 6b0d48bbc6f261bef734a53cc5717efbab4417228e208261f27067e89a89828an/aGozi
2018-11-16n/aexe cd59b481f8a7b4022a0c52cf96a121ecd05c0b43972a91c63910fddcee138ad9n/aGozi
2018-11-16n/aexe a188a3ec86569fbc653ba8ff9a60d43d886847eabc3823ae6a38cbe32e225ec2n/aGozi
2018-11-16n/aexe a3d49c8a2783141bcf3593bcf21ac50731a3112adb847ff3d66b81b461ac72e7n/a