URLhaus Database

You are currently viewing the URLhaus database entry for http://5.2.75.253/images/blog/10.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2137733
URL:	http://5.2.75.253/images/blog/10.exe
URL Status:	Offline
Host:	5.2.75.253
Date added:	2022-04-08 17:29:06 UTC
Last online:	2022-04-16 09:XX:XX UTC
Threat:	Malware download
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2022-04-08 17:30:08 UTC to ripe{at}liteserver[dot]nl)
Takedown time:	7 days, 15 hours, 42 minutes (down since 2022-04-16 09:12:19 UTC)
Tags:	32 exe RedLineStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-04-16	n/a	exe	537475fc22d8c5528773a0d06f93e9266f9a87db58652b1b58aa688467e56228	n/a
2022-04-15	n/a	exe	f7b6bd5a0164b1ac2386dc17e351de00274bdcadfc5d188e1fc19374ffacfb65	n/a
2022-04-15	n/a	exe	ba672aa0bdb43a05f81c3ed9cc25c9ad4d1490765322bd153e4b6dcea5a44094	n/a
2022-04-14	n/a	exe	3e263c5d35486b940b40870742093a56e26a78fc81cd1e0318c89baf318c64c3	n/a
2022-04-13	n/a	exe	fb3c2e98d876cab53cc9a6d5318224a9563ca67dda8bf6901b6e16a6be47a407	n/a
2022-04-11	n/a	exe	6a3023f0d2ef9c85075ad9213c5cea6ef94c7ce7b07efc6977d6c36fabe5d786	n/a
2022-04-08	n/a	exe	e4d81058481719a56fce1a41e675f8d466394b51e963e184ed6da0f1062fd296	53.62%	RedLineStealer