URLhaus Database

You are currently viewing the URLhaus database entry for https://oneup.cc/download/nvcontainer1.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1519058
URL:	https://oneup.cc/download/nvcontainer1.exe
URL Status:	Offline
Host:	oneup.cc
Date added:	2021-08-09 12:05:10 UTC
Last online:	2021-09-09 08:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	vxvault
Abuse complaint sent (?):	Yes (2021-08-09 12:06:09 UTC to abuse{at}serverion[dot]com)
Takedown time:	1 month, 0 days, 20 hours, 19 minutes (down since 2021-09-09 08:25:44 UTC)
Tags:	AsyncRAT CoinMiner CoinMiner.XMRig exe RedLineStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-09-07	n/a	exe	1e76fa9be747aba53d20aae6cd4d384c2a84c0b3650c87944085d12a0a713fb7	17.39%	AsyncRAT
2021-09-06	n/a	exe	4531d8af87a523a1664264ed8417741d154cdeeebd2c1b77419f18e530722c77	23.53%	AsyncRAT
2021-09-05	n/a	exe	99965cce8132e8c36dfbbe2a7ef0a4db936f147098e8a8cd8bca5d5ec577d192	n/a	CoinMiner.XMRig
2021-09-03	n/a	exe	d60c9957cdbed60b3f054a942fe9878d23283f6662d16888695adc5e7b3e951e	22.39%	AsyncRAT
2021-09-01	n/a	exe	3133ccd49787119edca20d75bc98f791f26da6fc8f70fece3c06a6e0405c4ed5	16.18%	CoinMiner
2021-08-31	n/a	exe	70c86f345adf4e43d56bfeb5eec348475722803a6aa65ceac1a6a0aab4904539	n/a	AsyncRAT
2021-08-29	n/a	exe	548b9ca933b2acc83144abcb354fadfadc4e15861c7623352be55faea64851a4	26.87%	AsyncRAT
2021-08-27	n/a	exe	a6b2a3131669d745ce097d784a1e227b0e80cb246ea364ef9301cf7887ef1d8c	n/a	AsyncRAT
2021-08-26	n/a	exe	8b480ff5797c4d2a4a4c9eeb9207ce3fa89a1d063a72c90faa341e012faf9fd5	n/a	AsyncRAT
2021-08-26	n/a	exe	8ecd676a1e6ac02ed9db01f62c18940038c695d5bf9938f1133dcbeeffb48fb1	n/a	AsyncRAT
2021-08-25	n/a	exe	63e4d45c7fce9de0b78e2bc09df98ffe29ac6ca9e36f247977fa37415b8da13a	n/a	AsyncRAT
2021-08-25	n/a	exe	a3b2cafa928f4fb6d88fe1988d38ae5c7a5323f65739925394d4b641bca02f49	30.88%	AsyncRAT
2021-08-25	n/a	exe	fc7eab3215c8161ea0d3fdfe0d341d4560a597eb0f3693d7495c480aca7612b1	30.88%	RedLineStealer
2021-08-21	n/a	exe	9fe95a6421cbcedfcd831733d3b4a0711f8fd245034b67f0fb059d070adbb49a	n/a	RedLineStealer
2021-08-21	n/a	exe	bff559146bc99484a29cdfd9a234550ad0124237feea6806dd91dd9ebff6c998	n/a	RedLineStealer
2021-08-20	n/a	exe	2675562fe96bd7f22b201128e472ea918bc8b0df59d9076b988976443a59b1d2	n/a	RedLineStealer
2021-08-19	n/a	exe	bc1cfe8741baf6b8639030cc2369766320b8086c07fe73b57720c02b48de46c7	n/a	RedLineStealer
2021-08-19	n/a	exe	21431fc384a00434d01bcdd004c56d1a73e9aab4372098c4f175989e05563938	n/a	RedLineStealer
2021-08-18	n/a	exe	ba39ff62e7b178c55bd2787b5e6690b00e1f3bf6cf5ea30ca2b2e4cfd12bb97f	n/a	RedLineStealer
2021-08-18	n/a	exe	fb416672e7ef0f01a189765395e9c87a44de01f41f4df96c871a267fea65cb87	39.71%	RedLineStealer
2021-08-17	n/a	exe	c3c1332d02a22afa88eeece8085e0457132b52a7c9c2b4ce2e5578d95ba40690	n/a	RedLineStealer
2021-08-16	n/a	exe	65dd8fe4f7296cb94756aee39534c14662114365ccd88b407e1a7d9e3178b20c	n/a	RedLineStealer
2021-08-15	n/a	exe	1e445f6c58a18464fc758839559bada7607f882900831891b28d314b2bf77d6d	n/a	RedLineStealer
2021-08-14	n/a	exe	1bcdaedbeec877141cbe2193e3df76599716c70a7cff7bb1d3aec327e5cc0c12	n/a	RedLineStealer
2021-08-13	n/a	exe	ea0479c1415ce6456d43bdcc72e2fb20c1f876ce0f7490892ed42b3b0c10f0b5	n/a	RedLineStealer
2021-08-11	n/a	exe	4745a79cf2d6a810416effbd35f70e3f7cbd2771988e061192d301e9bf6e0c9f	n/a	RedLineStealer
2021-08-10	n/a	exe	df4ae1dda690768169a67821f774c860ef72993607de86dc4aa520330aa31529	n/a	RedLineStealer
2021-08-09	n/a	exe	b17074a58199466de086dc0127bfda7d9a8d01c914e9e6ad3ea79a6462ef6fbe	n/a	RedLineStealer
2021-08-09	n/a	exe	008a112467f8f7b74845bbb9958650cd16e8be074510e8d58d28f78c1fdd0840	n/a	RedLineStealer