URLhaus Database

You are currently viewing the URLhaus database entry for https://buscascolegios.diit.cl/txs9e9.zip, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 995040
URL: https://buscascolegios.diit.cl/txs9e9.zip
URL Status: Online (spreading malware for 4 years, 10 months, 10 days, 22 hours, 23 minutes)
Host: buscascolegios.diit.cl
Date added: 2021-02-08 12:01:44 UTC
Threat: Malware download
URLhaus blocklist: Blocked
Spamhaus DBL: Abused domain (malware)
SURBL: Blocked
Quad9: Blocked
AdGuard: Blocked
Cloudflare: Blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Blocked
DNS4EU: Blocked
Reporter: reecdeep
Abuse complaint sent: Yes (2024-12-20 07:38:11 UTC to abuse{at}zamltda[dot]com)
Tags: dll Dridex link

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
