URLhaus Database

You are currently viewing the URLhaus database entry for http://37.0.10.214/WW/fileT.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1559339
URL:	http://37.0.10.214/WW/fileT.exe
URL Status:	Offline
Host:	37.0.10.214
Date added:	2021-08-24 06:07:03 UTC
Last online:	2021-09-17 13:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2021-08-24 06:08:05 UTC to abuse{at}serverion[dot]com)
Takedown time:	24 days, 6 hours, 53 minutes (down since 2021-09-17 13:01:15 UTC)
Tags:	RedLineStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-09-14	n/a	exe	e438066c4e6157cb8bc27f53e48e7f2f29df110838696aa3ca8e22b4ddd2e999	42.65%
2021-09-06	n/a	exe	73bea803c16cad304bfb22d86f7134155fd2600ec46e0f369a27cd81a4dd21e0	n/a	RedLineStealer
2021-08-25	n/a	exe	7e0679077236a08ed74cbdb95bbfcc03243d153250263c3bd7959c6f5c8530f2	n/a	RedLineStealer
2021-08-25	n/a	exe	2af2563062749b7f8865f02f8b1dd3fa4af532a798c05f37fb7c130b16b0cc36	56.25%	RedLineStealer
2021-08-24	n/a	exe	123f8cec3ea0bc986981a142bc15c08d28a37b48774b5829c946404d59823f3d	n/a	RedLineStealer
2021-08-24	n/a	exe	eec05dc9ade2a7ee74ea5fb115bdd687b457d1f81841238a61e9775d6cc4bfa6	36.36%	RedLineStealer