URLhaus Database

You are currently viewing the URLhaus database entry for http://45.9.20.72/SetupRU.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2136380
URL:	http://45.9.20.72/SetupRU.exe
URL Status:	Offline
Host:	45.9.20.72
Date added:	2022-04-07 23:24:04 UTC
Last online:	2022-04-09 18:XX:XX UTC
Threat:	Malware download
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2022-04-07 23:25:07 UTC to info{at}intem[dot]msk[dot]ru)
Takedown time:	1 day, 18 hours, 44 minutes (down since 2022-04-09 18:09:50 UTC)
Tags:	32 exe N-W0rm RedLineStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-04-09	n/a	exe	8085bcf4d1ddc04c8593b6a673b149ef7da0d6ddb1f172fc421fac9bedb183fd	40.58%	RedLineStealer
2022-04-09	n/a	exe	b35d15faf21de26bb41c9079767eb7d6a4b88dc1b2ae76ea33d4cb8bf3382b00	n/a	RedLineStealer
2022-04-09	n/a	exe	eb36e51cf446c5d7a44624e2370e967a878db45a5006769f184bdd7008229ad8	n/a	RedLineStealer
2022-04-09	n/a	exe	28015dc08a3b178df56ebbcb6360ffecf110cffe52e0aac1582706e1b344bdf9	n/a	RedLineStealer
2022-04-09	n/a	exe	eb60ef69e37250d0babbd446788183ac1709b3d74745902511cf75328fe928ce	n/a	RedLineStealer
2022-04-09	n/a	exe	d68dd7e5bbcaa7799dcb3f4959d89047288c18d22fd8ed7fe17bd4a19394c1b4	n/a	RedLineStealer
2022-04-09	n/a	exe	09073ace70a4cd2630bcb98f29434aa89a7ae2944e754e69c6358eea196006e4	n/a	RedLineStealer
2022-04-09	n/a	exe	01bc197e45b358bbd1668460fc76bf54605ef622a8aeb0c28e9033c749718aa0	n/a	RedLineStealer
2022-04-09	n/a	exe	7588874fc7e15265bfeebaa8d375703eae204f158c5c1de4a9526b57590ec408	n/a	RedLineStealer
2022-04-09	n/a	exe	39fbdfdb008a3c8006414be1a4f7990a14ed0745a11e263d2bdd8369fdb1dd7f	n/a	RedLineStealer
2022-04-09	n/a	exe	788726d4a1b324f18914df28bc9b948f65bec6867c16e24010fc0f569a67b293	n/a	RedLineStealer
2022-04-09	n/a	exe	695f6535d9a2bee65ceb39eb21439ba617e6a133d2aa31122f618751d6b2a64e	n/a	RedLineStealer
2022-04-09	n/a	exe	e7b17602e55650e55425b815c8685156541606c7090deb040b7f401870878d33	n/a	RedLineStealer
2022-04-09	n/a	exe	f71f22bbafe50e733c6eb594423926f4a5b03a9d43d8e6c1232f5a4be8076784	n/a	RedLineStealer
2022-04-08	n/a	exe	6808f9b9316154a410690c9e3e7e194294490ff956c8fc9438b37463205f94d8	n/a	RedLineStealer
2022-04-08	n/a	exe	a1f76253c252ece46cd8831dfaeac23bdc94035dfa82e145dcbbdfd162a5879d	37.68%	RedLineStealer
2022-04-08	n/a	exe	632580ad66bf08876164d649d802bbdd648f606fd2587bd74d220af13cd9c104	36.23%	RedLineStealer
2022-04-08	n/a	exe	143265081a96c98db1ecef49a68a898f8d5775aebbf6feeab1034f1c44e2893b	n/a	RedLineStealer
2022-04-08	n/a	exe	55441fdc147cf918d7f639e5c23df0b0e75fc043ac595e0add82c6f521ac0448	n/a	RedLineStealer
2022-04-08	n/a	exe	152b8edd6379a134ca32d9969e59f6c6a774cac96be31405fdff3e64afd08a49	n/a	RedLineStealer
2022-04-08	n/a	exe	b7e8c7af10de0af28ff13dbb875696bb9fe32d32ce6f825e575d976943511a7b	n/a	RedLineStealer
2022-04-08	n/a	exe	b0dbe27d97f59fe18d871654b0f7d475dd1faae657e19a333b960aa45f0e232e	33.33%	RedLineStealer
2022-04-08	n/a	exe	a4712f7a0dbf1c5dccba30d801ebc3fe4d0bfbb66d07f00f2130a73ffd2f758c	n/a	RedLineStealer
2022-04-08	n/a	exe	740302c47957d60d6ad89b631dc01e551355d0847b6097137a1013029622cd08	n/a	RedLineStealer
2022-04-08	n/a	exe	6642c411b53d6c5f54a23920907c96e905afe0d170e4215050e8e809c9e8721c	n/a	RedLineStealer
2022-04-08	n/a	exe	be4c1302966d738d0de83c7729cc39c24c7a56049f97c26a324c67d720ef1757	n/a	RedLineStealer
2022-04-08	n/a	exe	0bf9fa9256af261277382cb14804091ac64c0c79f0190a4362b7fb6b38a76ee5	n/a	RedLineStealer
2022-04-08	n/a	exe	5e40c00ddec79c271778fd2d1548b139f70671806da6ae47a527415861496c3e	n/a	N-W0rm
2022-04-08	n/a	exe	640afd7135391a9c44be1d7d38c066ccfdb971517a7e7396361cab1fc5ab5346	n/a	RedLineStealer
2022-04-08	n/a	exe	24e192b62a1769ca771a190c1974df41c4fe86b36ac127377e61f845c7054340	33.33%	RedLineStealer
2022-04-08	n/a	exe	dc6fd62fa75a3d7028b8838a56b95d7cf1c05bdd6987ef46a41ae379f944bfff	n/a	RedLineStealer
2022-04-08	n/a	exe	dca0d6def9b3bb3a5e794c50133fb72209df6c7a5bcf28352aac028a47c43972	n/a	RedLineStealer
2022-04-08	n/a	exe	2608f80b9ecde2d0960b972cd6a45bc6eccdaeb7318a9544b8c3bb9b1c78f95d	n/a	RedLineStealer
2022-04-08	n/a	exe	de74af8a9377beadb432a5cba0c99b17744a2cb0dd33025ce3ce95261af4e52c	n/a	RedLineStealer
2022-04-08	n/a	exe	6774197184ae34163f7cb1f48cda9f459a2e4ec5eb4a47633848ee8357088440	35.82%	RedLineStealer
2022-04-07	n/a	exe	d74ae7d2a11f8e809a68f349edefef94aa6fd7e2b3b454dc0eba3706e90b1b95	35.29%	N-W0rm