URLhaus Database

You are currently viewing the URLhaus database entry for http://www.xueshengshi.com/update.php, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 9640
URL: http://www.xueshengshi.com/update.php
URL Status: Offline
Host: www.xueshengshi.com
Date added: 2018-05-11 07:18:17 UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Blocked
DNS4EU: Not blocked
Reporter: JAMESWT_MHT
Abuse complaint sent: No
Tags: AgentTesla, GandCrab, heodo, Loki, Ransomware, Ransomware.GandCrab

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
