URLhaus Database

You are currently viewing the URLhaus database entry for http://cnc.c25e6559668942.xyz/xmrig.exe, which is being or has been used to serve malware. Note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 881998
URL: http://cnc.c25e6559668942.xyz/xmrig.exe
URL Status: Offline
Host: cnc.c25e6559668942.xyz
Date added: 2020-12-02 08:17:33 UTC
Last online: 2020-12-22 07:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: abuse_ch
Abuse complaint sent: Yes (2020-12-02 08:22:25 UTC to abuse{at}serverion[dot]com)
Takedown time: 19 days, 22 hours, 41 minutes, Bad (down since 2020-12-22 07:03:48 UTC)
Tags: CoinMiner exe glupteba link

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
