URLhaus Database

You are currently viewing the URLhaus database entry for http://webkita.co.id/1/data64_4.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2254181
URL:	http://webkita.co.id/1/data64_4.exe
URL Status:	Offline
Host:	webkita.co.id
Date added:	2022-07-05 14:06:07 UTC
Last online:	2022-07-20 00:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2022-07-05 14:07:06 UTC to abusen{at}centratm[dot]com)
Takedown time:	14 days, 10 hours, 10 minutes (down since 2022-07-20 00:17:06 UTC)
Tags:	32 exe Formbook RedLineStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-07-08	n/a	exe	d05d432ffab108b9744b68235abf9032e9cc438bb8bd00553528a43a2aacc884	n/a	RedLineStealer
2022-07-08	n/a	exe	be0dc883bf742b13dbc619f2089ddf8d58a9c76963a4be58bf7388a8c791d25b	n/a
2022-07-08	n/a	exe	62c4400c4693fe1b3a65885b056535f73596c23aef1f1ab59d5326f6e82e77d4	n/a
2022-07-08	n/a	exe	dc13f7326d81ea20c6b656eafee7ba4344d980367f6e87d7436c5c135e85954e	n/a
2022-07-08	n/a	exe	264b411e3e9b078fa139f0826563a8c06ddc55c9e9ca44d8247a12322fd7844d	n/a
2022-07-08	n/a	exe	cdda5df3efdd63c17e63d224afa3843dfff8f206de95e241dabad547d5c23b65	n/a
2022-07-08	n/a	exe	e4d1f13bea69ce454b20a3f1e81896c6e4f8895e81fa27b274c282e1fd31d03d	n/a
2022-07-07	n/a	exe	e2022516425f2bb130029911a987fd600063d514fd007b9c34bcb678fcab53db	n/a
2022-07-07	n/a	exe	f72acfd5698f20d5de4a82831c7787e7d094e44dfdb0844487b303edbffe6f46	n/a
2022-07-07	n/a	exe	d2b929696b2f81764d37a54f0ca438919fbe89bf827680fd3bf505baa468d82d	n/a
2022-07-07	n/a	exe	f62cb57490bdf1901bbff1679464b10666cbf261f83f619724bc8b88c208560d	n/a
2022-07-07	n/a	exe	985c21cacb5de7b0cec48f829d94ae79d3657fdaa92b79c11d48f17be8ca54d9	n/a
2022-07-07	n/a	exe	12082c8d55bbb94c54a8e5ab9231ecd8cb42a498234692d1450d436990d57cfd	n/a
2022-07-07	n/a	exe	cf3a65e072d2cfd9ee8325180afa49f9bb2d7849a6f6266349e9b79d48032dfb	63.24%	Formbook
2022-07-05	n/a	exe	fafa893b8c65bb1851b77a7c7f829aa347a3a14aa9225abe6e1c23fe4728464b	27.94%	RedLineStealer