URLhaus Database

You are currently viewing the URLhaus database entry for http://94.103.94.2/crypt_loader_mix.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1025020
URL:	http://94.103.94.2/crypt_loader_mix.exe
URL Status:	Offline
Host:	94.103.94.2
Date added:	2021-02-23 04:09:11 UTC
Last online:	2021-02-23 13:XX:XX UTC
Threat:	Malware download
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2021-02-23 04:10:05 UTC to abuse{at}vdsina[dot]ru)
Takedown time:	9 hours, 0 minutes (down since 2021-02-23 13:10:58 UTC)
Tags:	exe RedLineStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-02-23	n/a	exe	bb67c762891c1292ca9455b21f4d9c526c17fa5beba3177bc0d4c7a4f2112353	n/a	RedLineStealer
2021-02-23	n/a	exe	9f88e2afe509e18242e3ae1a647abe0fa6df22d7111ef2384adbb39d47cd8907	n/a	RedLineStealer
2021-02-23	n/a	exe	2ee48403efdb5c1e7f8b1b36436b8178bf30e2ae7ac455bc810856a9ae4aaffd	n/a	RedLineStealer
2021-02-23	n/a	exe	9c565ae9b52ff8b00d34a97a6de98505d6fd9fe1f10586c1a5078b195e7e1e6c	42.86%	RedLineStealer
2021-02-23	n/a	exe	58189f350c1506f164bb75b00de91ce365a24aabaa6e8daeb26b06077d310cc8	n/a	RedLineStealer
2021-02-23	n/a	exe	d390ff34ddc0078b94ed89c2d8a4e4dd1a29b788cddf5fa97c26130289f1028d	n/a	RedLineStealer
2021-02-23	n/a	exe	6f8540f0fa094599a948f24f3005c4ba231f2c21fd61f9f86bd93c70ee43cae1	n/a	RedLineStealer
2021-02-23	n/a	exe	9d396b3cf03ec1edd31a66e99c1f6e3e87695886706df40f8cd6772a28b65517	n/a	RedLineStealer
2021-02-23	n/a	exe	dcccdd1d62c167fe55c85e127d9e4a0c4a05723698cb69a9251abda5ac035f8f	n/a	RedLineStealer
2021-02-23	n/a	exe	e9efc290a915cba0dd25ef5ca147fc5e1f88d276dea37991a73fb629d924ed4c	n/a	RedLineStealer
2021-02-23	n/a	exe	978dede1d33b7e24b651e4ce9abdb6194453de27b29db3b9493396cbd936ec31	n/a	RedLineStealer
2021-02-23	n/a	exe	106721aec445bd3bc936c4b4c7549277d2ca43de648d8a92b06e4c9e865b572e	n/a	RedLineStealer
2021-02-23	n/a	exe	21e42f1b3355e6822afccdb0d9b9e1bc13a02778397846da0ad262c7e0dcbff3	n/a	RedLineStealer
2021-02-23	n/a	exe	93904cdf9a5403109348230d69cb6ec6a4aed8059b31fc6fd82e9ef102c0a061	n/a	RedLineStealer
2021-02-23	n/a	exe	ad55da0bfa962d1975f39587e762bbc319697006718e59ee0bb4b4eabc434470	n/a
2021-02-23	n/a	exe	598e8ee80c4dad43084c43d91cf05ced32824e42d10d0d8ef88c41631428893f	n/a
2021-02-23	n/a	exe	677618666eb31c80e9dbecb17907676d2da2a39d24f7c20785ef577239ef5e6f	43.48%	RedLineStealer
2021-02-23	n/a	exe	f10b8817b388868aa1e76c8f706dd0bedda991ff21c397be125d617280153561	n/a	RedLineStealer
2021-02-23	n/a	exe	5bddade91a2f92a067aa4d6e3762308d4801e38ae3e07bc103d5282b002e6555	42.03%
2021-02-23	n/a	exe	bfee310c617048995349b9f9f7d73c0b675cc31bedcb2e4d3bac265be9cfaad8	n/a
2021-02-23	n/a	exe	a5692361307642a92cc8fe3d614a23828b77bbadb291f91c495f4018abbc11a5	41.43%