URLhaus Database

You are currently viewing the URLhaus database entry for http://asvb.top/files/penelop/5.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1256040
URL: http://asvb.top/files/penelop/5.exe
URL Status: Offline
Host: asvb.top
Date added: 2021-05-19 12:43:06 UTC
Last online: 2021-06-16 08:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: vxvault
Abuse complaint sent: Yes (2021-05-19 12:44:03 UTC to google-cloud-compliance{at}google[dot]com)
Takedown time: 27 days, 19 hours, 35 minutes, rated Bad (down since 2021-06-16 08:19:29 UTC)
Tags: ArkeiStealer, exe, RaccoonStealer

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen | Filename | File Type | Payload (SHA256) | VT | Bazaar | Signature
2021-06-07 | n/a | exe | 18076f163aef93f57db14eece15b18ca68f344da2f4c59a329de178752f14e2c | n/a | | ArkeiStealer
2021-06-03 | n/a | exe | 33c2ca1cc03550022c20d672a3d541cb1b1d2009458dd46493bdf950e9ddc411 | n/a | | ArkeiStealer
2021-06-02 | n/a | exe | 2f546ff4327d9dc62caf7d0b5e661daa4928717d3fadf4bdac32284e7e075e03 | n/a | | ArkeiStealer
2021-05-30 | n/a | exe | 83f50d86c658c945ad095f32812422656d56612c31dc4f5ff72f850b604f2aac | n/a | | ArkeiStealer
2021-05-25 | n/a | exe | d84a596efc6765496b3dcb232fd3bb7d88e3b308e9d2e6e9f8c09fa31336e398 | n/a | | RaccoonStealer
2021-05-20 | n/a | exe | 523105c466693a60d62ce69ed62e13eca290d4b23b45ada3eabcb2e5b74b1e9c | Virustotal results 68.66% | | RaccoonStealer
2021-05-19 | n/a | exe | 624b7ae8befcf91dbf768d9703147ac8f9bd46b08ffe14a75c77e88736bf07d0 | Virustotal results 79.10% | | RaccoonStealer