URLhaus Database

You are currently viewing the URLhaus database entry for http://93.157.63.213/filename.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1121005
URL:	http://93.157.63.213/filename.exe
URL Status:	Offline
Host:	93.157.63.213
Date added:	2021-04-15 12:14:04 UTC
Last online:	2021-04-15 16:XX:XX UTC
Threat:	Malware download
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2021-04-15 12:15:04 UTC to alexx[dot]person{at}gmail[dot]com)
Takedown time:	4 hours, 36 minutes (down since 2021-04-15 16:51:22 UTC)
Tags:	CoinMiner.XMRig exe RaccoonStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-04-15	n/a	exe	4dbf3dd9c478b503dbef1a7239ad9293cbedd300e94c9b48381371aa9410bbe2	n/a	RaccoonStealer
2021-04-15	n/a	exe	41818f178e3901d42cd6a2567a9e9c5924538e30f812175454d72dee82bbef78	n/a	CoinMiner.XMRig
2021-04-15	n/a	exe	f2bfd95f29d81121ec225a9043bf6dfe2f4ad7e5b9d64154b48e728fa01d753b	n/a	CoinMiner.XMRig
2021-04-15	n/a	exe	1cf375fc2caa68f520a626542f6b285bcd8ad66f93cac008bd9d2226e5641fcf	n/a	RaccoonStealer
2021-04-15	n/a	exe	7beacccd4af720832723442f9afae77c52095ff5990de1352bb3a8ae1059304e	28.79%	RaccoonStealer
2021-04-15	n/a	exe	989e4609ad4bd5440c6b27c7cf27078f775efa0a1eb7173ae82f668ab7362cd2	32.84%	RaccoonStealer