URLhaus Database

You are currently viewing the URLhaus database entry for http://www.xn--12clb1iek5buz9fud6d.com/update.php, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 9858
URL: http://www.xn--12clb1iek5buz9fud6d.com/update.php
URL Status: Offline
Host: www.งูเหล็กระยอง.com
Date added: 2018-05-14 15:50:04 UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Blocked
DNS4EU: Not blocked
Reporter: JAMESWT_MHT
Abuse complaint sent: No
Tags: GandCrab, Ransomware, Ransomware.GandCrab

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
