URLhaus Database

You are currently viewing the URLhaus database entry for http://193.142.59.152/wp-blog/pics/nbfile.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1577094
URL:	http://193.142.59.152/wp-blog/pics/nbfile.exe
URL Status:	Offline
Host:	193.142.59.152
Date added:	2021-08-30 08:40:03 UTC
Last online:	2021-08-31 05:XX:XX UTC
Threat:	Malware download
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2021-08-30 08:41:02 UTC to abuse{at}hostshield[dot]net)
Takedown time:	20 hours, 40 minutes (down since 2021-08-31 05:21:56 UTC)
Tags:	32 exe RaccoonStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-08-30	n/a	exe	3bc47d4589eb3794742c4e76bbbf869f3c81c78482fcad92efffd5c03044b9a4	n/a	RaccoonStealer
2021-08-30	n/a	exe	a8e17e50ed79099367282e36eaab695483f1be3dbd94a478f5a7ab020512df1c	n/a	RaccoonStealer
2021-08-30	n/a	exe	3cf104c27b5007b0fe8c8fad732edffe08789ab9235a8b8491694c7c4317f8c0	n/a	RaccoonStealer
2021-08-30	n/a	exe	da0985789b0077b3988e868e9fbf85f46b61451b4a4edc138c0ca419cf9acf68	n/a	RaccoonStealer
2021-08-30	n/a	exe	d3a5b777c6bf05953b2aecb511a605e268a5de26659d1b044fc03cc5700e2e09	44.12%	RaccoonStealer
2021-08-30	n/a	exe	0402179d19f4016e6c1788d1f65f44b180a6abbe1dd151f785a9bfd77588057a	34.33%	RaccoonStealer