URLhaus Database

You are currently viewing the URLhaus database entry for http://62.204.41.118/1.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2258195
URL:	http://62.204.41.118/1.exe
URL Status:	Offline
Host:	62.204.41.118
Date added:	2022-07-17 08:28:08 UTC
Last online:	2022-07-21 08:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2022-07-17 08:29:05 UTC to abuse{at}gorizontllc[dot]msk[dot]ru)
Takedown time:	3 days, 23 hours, 54 minutes (down since 2022-07-21 08:23:46 UTC)
Tags:	CoinMiner.XMRig exe RecordBreaker RedLineStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-07-20	n/a	exe	34211e5c3790f76a96eb915fc89ec3fd9c179c2138404ba994387dc5903f575c	n/a	RedLineStealer
2022-07-20	n/a	exe	2cbb7e317e749e0f4d7de7fd084f2217ac91bf13eeee072c004dde01b4c39b8f	n/a	RedLineStealer
2022-07-20	n/a	exe	9542930037fd5f2261b592841e3522f75328e15e153144d732727fedd0a8d8c8	n/a	RedLineStealer
2022-07-20	n/a	exe	6398f8719a74eaf507fcb373bf619b54d120b99789730e81feb36d93f0831432	n/a	RedLineStealer
2022-07-20	n/a	exe	9d313aa0090d3425564379e7674795b68f050ec6473b1ced106fff220a8749d4	n/a	RedLineStealer
2022-07-20	n/a	exe	13a0b3e462a014b605489df82b082618b64d7292140bbfdbb7b58e683cb80b3b	n/a	RecordBreaker
2022-07-20	n/a	exe	1e40b7a3aca5fa0302e9f6c2e4b10f738f8ad2e357cb0987f175c456f67e8e67	n/a	RedLineStealer
2022-07-20	n/a	exe	c6255b3d3add48b7b8dea57dfc2c89345fdcc6d131fd3bfa0a806a0eaef08c2c	n/a	RedLineStealer
2022-07-20	n/a	exe	32fe263a8ffc6bc490c545d6394638347164e676a79e537037f8b0c9691194ef	n/a	RedLineStealer
2022-07-20	n/a	exe	26cf3a7e5c1cda03282d249613c58cf3f924f714b2c2b8eff975067965e6f632	n/a	RecordBreaker
2022-07-20	n/a	exe	3d7ce58206ea2c41c27f2ce6c5de8ceb5cc65a68b34c7458561e922317a45c9b	n/a	RecordBreaker
2022-07-20	n/a	exe	a3a6f76ddefa3fb54372ed3faf131b7ddc3299d63975adc328decd25517c8d67	n/a	RedLineStealer
2022-07-19	n/a	exe	3294b5eb4076a59b710ea8b216db6093a943ba90602cea84c17ba5f45765ad25	n/a	RedLineStealer
2022-07-19	n/a	exe	f50d04a4726203bb56f624fef305e6c78615be4ebbb927a73d9600c59a5d4a7a	n/a	RedLineStealer
2022-07-19	n/a	exe	359f33d21df2a0f482cbe253075cb06e8c08e927ad7fdd1a38ac0170cb4572ef	n/a	RedLineStealer
2022-07-19	n/a	exe	1d128ffc3927d02e3393da5e27d2557766f82df921b09d42603b08d5724e9e9a	n/a	RedLineStealer
2022-07-19	n/a	exe	28f9d2770b4423a0e5b68239f9521b422431c80967cce3c05d7feac4234012b7	n/a	RedLineStealer
2022-07-19	n/a	exe	02ec7b932df28efbc53cf934abfdf63b6e8480270c2e9380b228ca2fafb38014	56.60%	CoinMiner.XMRig
2022-07-19	n/a	exe	763a8941b67e65566ea617e9d5188e8cec9e4ea707cec214a99ab8b1a03d78ac	n/a
2022-07-19	n/a	exe	a0867d378ef009cec88eb0baf2fe793a55fc603d81e75cd18dd0fb10e6a96e03	n/a
2022-07-18	n/a	exe	551efe176267150c3c59b650c833f9c0d3f8cbe2cec8db9c4c74f00729edefef	n/a
2022-07-18	n/a	exe	ca495a563e36daa12c866e0ec25fe155db701eca395d4b93d94ac264e1658de5	n/a
2022-07-18	n/a	exe	302b666fb18ec467822868622604e73d0a1d89e1f878c6220d25385dab9bf20d	n/a
2022-07-18	n/a	exe	7151162f44c168e1faa8267f0a1a43db6bb15b9e55b0d8c2de4bd4917d710cc2	n/a
2022-07-18	n/a	exe	ecca9ad598d7f87cc9c2ef3e8a11a031647851e54df41bf5968c17036345613f	n/a
2022-07-18	n/a	exe	c80f2e4a3f188e77f04f488a17bc7e2fb753f8a0c487eb399e8779346903b28b	n/a
2022-07-18	n/a	exe	2f547c47657d985474a25718f35def2aaae6b47f4924ada39d4b1797c229877d	n/a
2022-07-18	n/a	exe	4054808af64ed93374bb6eb276fea8dfa8927541d67969b4a4770da4f62d519d	n/a
2022-07-17	n/a	exe	992ddb7407bd527eb866dc8caa972078c58cd30beb2ee766437a05187f6c1344	n/a
2022-07-17	n/a	exe	99732409027dcc503717fdc56dc7aa0aba90db61d5bfe9929d210c0517b70efd	n/a
2022-07-17	n/a	exe	cc9b7f52a12f9a8d0610ee53576d441a202ad1026cb09d16ece255236f88e036	n/a
2022-07-17	n/a	exe	1786cf1d8c9f11cdcdbcc25f974413fd166bef816ec9a8268deacda7d130e460	n/a
2022-07-17	n/a	exe	d996c356f5566abcec6264caa79df83fd93a71e62622710d6763a9126521861f	n/a	RedLineStealer
2022-07-17	n/a	exe	d36c24e3376ee0722e68aa83e8dd0dc5e572a73c46c95f1a410261e26cc952dc	n/a	RedLineStealer
2022-07-17	n/a	exe	071b6a97e9931097875ebcb7e58d0248ceba48243ce7caa29316b4f4198c7a1f	n/a	RecordBreaker