URLhaus Database

You are currently viewing the URLhaus database entry for http://88.119.169.42/f/3.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2273042
URL:	http://88.119.169.42/f/3.exe
URL Status:	Offline
Host:	88.119.169.42
Date added:	2022-08-15 18:02:05 UTC
Last online:	2022-08-16 12:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2022-08-15 18:03:05 UTC to abuse{at}bacloud[dot]com)
Takedown time:	18 hours, 40 minutes (down since 2022-08-16 12:43:07 UTC)
Tags:	exe RedLineStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-08-16	n/a	exe	4e921764a0f4148bf5a4f6780949523a18f19e134aa994dc5d711466d3133047	n/a	RedLineStealer
2022-08-16	n/a	exe	9d60bd1961e341033e7e779a0fc3433482aee86c97693239dcddc70ae6718ed9	n/a	RedLineStealer
2022-08-16	n/a	exe	7e3e17cc40baf8d66cef9eb80f80c5882d6a9367c9387f4480bfb2cb290badbc	n/a	RedLineStealer
2022-08-16	n/a	exe	0d500dd5c3c6eaa8916a854736863b05c5904df2398bd6f19de1f488d62019dc	n/a	RedLineStealer
2022-08-15	n/a	exe	5c3d9d826a30a35c024a72cdbafc934788b1930f67f4515bfd9e3f4781f5dc52	33.80%	RedLineStealer
2022-08-15	n/a	exe	9057011b3d2d82f589254811801715fa48d131bf361f5c73a337b62b60a56edb	n/a	RedLineStealer