URLhaus Database

You are currently viewing the URLhaus database entry for https://rgyui.top/dl/build2.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2261264
URL:	https://rgyui.top/dl/build2.exe
URL Status:	Offline
Host:	rgyui.top
Date added:	2022-07-26 10:58:35 UTC
Last online:	2022-10-24 09:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2022-10-24 06:47:09 UTC to registry{at}stc[dot]com[dot]sa)
Takedown time:	2 months, 29 days, 22 hours, 18 minutes (down since 2022-10-24 09:44:56 UTC)
Tags:	32 ArkeiStealer exe geofenced USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-10-19	n/a	exe	8ecc0426ea37a5c9e59d00b4fde1508175a950372ec3870965f1e527634b3419	40.28%	ArkeiStealer
2022-10-17	n/a	exe	fd5cb18d083e50ca739dff42353802e40acf8ba2694c2a1a2d09a3f40aa7c079	n/a
2022-10-11	n/a	exe	2a5101345def285c8f52ad39f00261ba9e0375d3de73206d0b8c72ce3b6259c6	36.62%	ArkeiStealer
2022-10-03	n/a	exe	5ee57d85a41b825060864ae85981253f28148d15586a5f6274d562dfeae93e98	36.62%	ArkeiStealer
2022-09-27	n/a	exe	06d1366df3628a010416384f7c77c493ac35f13ee05e010751708d681ebe5169	n/a	ArkeiStealer
2022-09-21	n/a	exe	6c11af0bbd346329224255d38a07fb9db5828881d3520ab4623c7a5fc09ecd47	66.20%	ArkeiStealer
2022-09-16	n/a	exe	7abb4b2423a93fa4b7a2cd19bcc854cc96d2e9ed20c13b86c39f49fe7cb80e4a	80.28%
2022-09-09	n/a	exe	116e15e94d70dde65f91f155580bd9b34ff1956b9ebe1a53b6bce912b281c1f6	77.46%	ArkeiStealer
2022-08-25	n/a	exe	a018edd12284d1cdcc235a08ba5da37d3da1d8e886b96c34f1dd8bf7fa41c544	69.01%	ArkeiStealer
2022-08-19	n/a	exe	6f0d21c7e492837cadb64acecb5a714a9290a4f0c522c343d836bfb60114749e	76.81%	ArkeiStealer
2022-08-10	n/a	exe	14b42331d593ac5ae207f11c6d70d00ac3effbdb1c9eaa9e1dcbd8e4e29a12d6	n/a	ArkeiStealer
2022-08-02	n/a	exe	12a51367c5c85ff3c1dc73743cface2e01accecf2879a36adbddf566d52987b3	n/a	ArkeiStealer
2022-07-28	n/a	exe	06f6e14ab8cb8aaacf503675746bf2187bcf967538c9519786a6f2b2ff726b5e	n/a	ArkeiStealer
2022-07-26	n/a	exe	a8e37aea3413fb9403e3690b2f1c4edc10b9685de8fda68254c930134e2b2f0f	85.92%	ArkeiStealer