URLhaus Database

You are currently viewing the URLhaus database entry for http://185.212.130.94/download/Up.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1003172
URL:	http://185.212.130.94/download/Up.exe
URL Status:	Offline
Host:	185.212.130.94
Date added:	2021-02-12 22:05:05 UTC
Last online:	2021-02-13 20:XX:XX UTC
Threat:	Malware download
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2021-02-12 22:06:09 UTC to support-link[dot]ac{at}yandex[dot]com)
Takedown time:	22 hours, 37 minutes (down since 2021-02-13 20:44:06 UTC)
Tags:	exe RaccoonStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-02-13	n/a	exe	5183727d0d1efeb8c406d0f94b128baca13431fed7fc8921173e5dfafdc26e21	n/a	RaccoonStealer
2021-02-13	n/a	exe	18f62e03e3a7a1f24b269aea36d542843c3ada0514b47a387a723d60ea1a6f26	n/a	RaccoonStealer
2021-02-13	n/a	exe	86858e54ef062ffaf88f1fe285196d220d9fa32337f575d8eaa056995e292303	n/a	RaccoonStealer
2021-02-13	n/a	exe	ddc26e8676acaa12f6a82fa834bed43a58656183ba95a407f2d844f26cc38314	n/a	RaccoonStealer
2021-02-13	n/a	exe	d262b5361dcf38248f5483025cefd003801b8122931cf2bea2de538878914074	n/a	RaccoonStealer
2021-02-13	n/a	exe	d26abd96a9dd9307846794c651ba5c23a0c608f2e006e9eef81fe07b0fd852e6	n/a	RaccoonStealer
2021-02-13	n/a	exe	d75895bc7f6053c4eda1f6476f2ebeef69aac1eba32287f2bd3e29bfc2bb33df	n/a	RaccoonStealer
2021-02-13	n/a	exe	66e46f9a1a64aab0910d20657c2d24753533054e41bfe1dc689b5b1efbd52c6d	n/a	RaccoonStealer
2021-02-13	n/a	exe	b1bac1a62bfdb6c1534fca7b1c922c4a81bc71ae53e7b1ff2876f022889a7e7a	n/a	RaccoonStealer
2021-02-13	n/a	exe	4ea50dd6505f5b701755210e49fa9c63c05eea54d70ec2914014c8191a95eecc	n/a	RaccoonStealer
2021-02-13	n/a	exe	5c34ce46164515780fb233cd129480f8f48664b4d896910791379e400c57a30c	n/a	RaccoonStealer
2021-02-13	n/a	exe	3604c66f73bdf81e798c2ef818e48ac10969d8ae54485dcba31c584a731d58c7	n/a	RaccoonStealer
2021-02-12	n/a	exe	724bb492fcb73eb257613a5380e1e2cea7a1a18f9c26bfe795c0a6484d1c1b5a	n/a	RaccoonStealer
2021-02-12	n/a	exe	44e41fd96b031fa432082af8929d9815da07a48ceda94829208cb9334ffd54ad	n/a	RaccoonStealer
2021-02-12	n/a	exe	f9b445ec1597540ac2a149b62cfaee0d2ec3fa57ebb4612ffd45f2496dd486cd	31.88%	RaccoonStealer