URLhaus Database

You are currently viewing the URLhaus database entry for http://2.56.59.42/WW/file5.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1642880
URL:	http://2.56.59.42/WW/file5.exe
URL Status:	Offline
Host:	2.56.59.42
Date added:	2021-09-24 21:37:04 UTC
Last online:	2021-11-25 20:XX:XX UTC
Threat:	Malware download
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2021-09-24 21:38:01 UTC to abuse{at}serverion[dot]com)
Takedown time:	2 months, 1 days, 22 hours, 24 minutes (down since 2021-11-25 20:02:53 UTC)
Tags:	32 Amadey ArkeiStealer dcrat exe RaccoonStealer RedLineStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-11-25	n/a	exe	d8679264a11afc0b391e03d50b726be456e8d24659fe907745bae7e58abb66dd	n/a	RedLineStealer
2021-11-25	n/a	exe	9564a0a46db48c66eeb013cf91be5ba75acf48a7a59a5e237969ff4313950b8f	33.82%	RedLineStealer
2021-11-22	n/a	exe	fadb8eb7a7e20388dd3f9cf66171ae8d1c1e0845aed740ea58fa432c69bbaa7e	n/a	DCRat
2021-11-19	n/a	exe	65eebaf9df948bf4eb793e880ae425729b9f51b14fc9a4f64530819aba8c3097	n/a	RedLineStealer
2021-10-14	n/a	exe	020110f827d739393492ebad4dfea2e61792998044bc184843375c5e2cf1c572	n/a	RedLineStealer
2021-10-14	n/a	exe	9bc3643977e00cfceffd956c7bffc7cd768d939deb3765da0c865e7c1d1c1c30	n/a	RedLineStealer
2021-10-14	n/a	exe	9837c7031b7f69b212d74ca697ae7edd53f1185eedb80e00b6e2777e41f06bcc	n/a	RedLineStealer
2021-10-05	n/a	exe	13f9f1b052c5d540b5dfa64f9eafcb962163d3649d222bbb8690182741622420	50.72%	RedLineStealer
2021-10-02	n/a	exe	ff96c05cc539eae59ea43c37f1996372589b33aa2ba3a9bdc5a1e7b20b1f75b2	55.22%	Amadey
2021-09-30	n/a	exe	ec9982a34d254f2d78122c3409e2bed7295abbe83c736e746f5037f1bbdf9c6c	n/a	RedLineStealer
2021-09-30	n/a	exe	93213a44c861db58c20e17afe5c5d0bfe63f9faf7aa7926bf6df3522dc73e35e	n/a	RedLineStealer
2021-09-30	n/a	exe	797a69e3e8bdc39f1e0dcb6fafce13a661f8fda89cf89c7a9453cf4f6430f6fe	n/a	RaccoonStealer
2021-09-29	n/a	exe	e5e0601b8269cf5ffd12af1b005d913fd5d70235841daf3017a9cbb5da483dce	n/a	RedLineStealer
2021-09-29	n/a	exe	950bfa5ec6f7e8987aeb2bc6584d18bd3ef83942aa73c3c42faa9389030f0691	n/a	RedLineStealer
2021-09-29	n/a	exe	b78c36dc5a9215fdc28d52f0f50dc68a82e8ce7061ce9f033ed2631a9b06fda7	n/a	RedLineStealer
2021-09-28	n/a	exe	6f249140cd20e91a196d7e5ca978e74a18c4d30a7f2f220627f6ef044e5a3056	n/a	RedLineStealer
2021-09-28	n/a	exe	181f85bb6d83fc1f8a88a320a4ac8052ce5e5952a76147ca321eb7967a142fc5	n/a	RedLineStealer
2021-09-27	n/a	exe	1f4ccad233d733ecf2c0374593f95ea0bd521a17e82206b17fd74948faca974c	n/a	RedLineStealer
2021-09-27	n/a	exe	5e88cd141556c3b8305bb6f6e68154b27765ea3b512d9843463d6fd99616ad02	n/a	RedLineStealer
2021-09-26	n/a	exe	a335a14188c608ba63b172cb891cd710c2bae0d56816c264f65037600d78e4e8	n/a	ArkeiStealer
2021-09-26	n/a	exe	a5228f1d1c83f629bcbe9dd896ea0146536c3062d784b4f423b8067637bb89c4	n/a	RedLineStealer
2021-09-26	n/a	exe	2f802aab0b83ba927a253910e4fb2a071f39c5515d08e29be2c2a687771be0d5	n/a	RedLineStealer
2021-09-24	n/a	exe	1df60e1cc475438904d4748169d9c0d33535b6dea492607d664fac917c518e01	42.65%	RedLineStealer