URLhaus Database

You are currently viewing the URLhaus database entry for http://89.208.104.22/cdn/1.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2273844
URL:	http://89.208.104.22/cdn/1.exe
URL Status:	Offline
Host:	89.208.104.22
Date added:	2022-08-17 06:03:05 UTC
Last online:	2022-08-18 09:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2022-08-17 06:04:07 UTC to abuse{at}aeza[dot]net)
Takedown time:	1 day, 3 hours, 52 minutes (down since 2022-08-18 09:56:37 UTC)
Tags:	dcrat exe RecordBreaker RedLineStealer Smoke Loader

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-08-18	n/a	exe	0521a08a093b772526ba77b22779d12d4a4bf7e0f8a2d601368721f25a22041e	n/a	RedLineStealer
2022-08-18	n/a	exe	a7b592b8fc19cd9e9dfdafaf11de3f0f30310bf569c0883494b97257badf5d8b	n/a	RedLineStealer
2022-08-18	n/a	exe	bd7196c44788f11b75273affa1bf252f9aa39d89925e54fa8dfeda8394e080eb	n/a	Smoke Loader
2022-08-18	n/a	exe	538dcfdf83192a091a5b38d65a397deed5f90b7438089c95c3976b6e08725b53	n/a	RecordBreaker
2022-08-18	n/a	exe	a125f6e9eba5ee8b67fbe7956e9f3cb0d371b114754144ca2b945c34aa3beb3c	n/a	Smoke Loader
2022-08-18	n/a	exe	417b0affdae9240d55b3a3394cc3afe556cef8f90a188a80c0174aeacca77fb0	n/a	Smoke Loader
2022-08-18	n/a	exe	f5f0060d8e6b44619fdcf74db5cc5d6e50be365cf7c92b32325e3a91d622a1f9	n/a	RedLineStealer
2022-08-18	n/a	exe	7e1ac35817ef646d3f53afab3087bca77ea261a3d8e5f423eb06d66b8922de0a	n/a	Smoke Loader
2022-08-18	n/a	exe	c782f2e0413c3e85c372eaf7d20271480eb9e1f3bb62a56a87f00b7a9e52653f	n/a	RedLineStealer
2022-08-18	n/a	exe	67f7953caacebbca9dfefb6c902d90890632269c946312004576c3611bdc0655	n/a	Smoke Loader
2022-08-18	n/a	exe	ddbe13c68d469921bd662d5a3cc5b0b490213ca3283bcaa704f6b7a3e98e252a	n/a	RedLineStealer
2022-08-18	n/a	exe	f8e35969821908e0af316b8cbecc3f53aa4ecd496e903fbd511cb177472837c6	n/a	RecordBreaker
2022-08-18	n/a	exe	6cb9da274bb4ffc27b53ac639f8ed1cbcddf990b8cd622c298863aa162eb2f50	n/a	RecordBreaker
2022-08-18	n/a	exe	18150470e90fc38dc75105e3f7f9f4c55b8b666d6fa1911aa5f7ca51eab1ea81	n/a	Smoke Loader
2022-08-18	n/a	exe	2ee3c78d4e9985d32d56622bd0e7e873f253ff55c0d0e8c2840ed2bf35b70002	n/a	RedLineStealer
2022-08-17	n/a	exe	8ce422ca5d00dfab9a96b1a32d5f6ca80929135a80067df961c9aa2aa89c024a	n/a	RedLineStealer
2022-08-17	n/a	exe	43131ef1c55210090ac84756df8eedfe4d0420b9cadb0c3f74a922f3d6de479b	n/a	RedLineStealer
2022-08-17	n/a	exe	260f2935f18590f84ba89ef39d2be43fa520aa5cfef0137c703f00bf1935da7d	25.40%	RecordBreaker
2022-08-17	n/a	exe	91c442914adf29943de6c481b6f87fe0902a8091727ca7acd4f0077ca17db29c	n/a	RecordBreaker
2022-08-17	n/a	exe	4c92f1bfbb2d887c113035357c76f9a35c18c9e55ed504423f796cff54ca3ddc	n/a	RedLineStealer
2022-08-17	n/a	exe	b01bec4da3f92e8c5ab0aade43b36d8708ad102bc21adf0ada90268cbdf8c323	n/a	RecordBreaker
2022-08-17	n/a	exe	55ce60337b976bf6f2d8ca5e18570a89ba28629eb604f3c1077505a1f24925d4	n/a	RecordBreaker
2022-08-17	n/a	exe	8fd895672a55c6fcd3377f5fad1470fd6de484b15e6c2e311d3d2eeb49eaaba6	n/a	Smoke Loader
2022-08-17	n/a	exe	a43433625076aa276533b5faeb23c9a5d03157792f9437881531993117e20374	n/a	RedLineStealer
2022-08-17	n/a	exe	0f9818da5be93ab2dc710fe465a2a73e34f94117d83cec9c7df3e731fa222806	n/a	DCRat
2022-08-17	n/a	exe	7134131607d2a1e768969c8edc8ae54e6b25a962b4a543a5ce687b338765403c	29.58%	Smoke Loader
2022-08-17	n/a	exe	6f1be4ceefebd6a4187054c34b04a1b018d286df2a72fc33a1d8634eb05b5904	n/a	RecordBreaker
2022-08-17	n/a	exe	e3dc41ce8a7e58f579b5b682d536c24fb4348899b6d332bf96a290eb93beac82	n/a	RedLineStealer
2022-08-17	n/a	exe	ec17ee8c58501e2c4a36b34b6ce197e560110ab9ea5d27242aa16cb779d99f30	n/a	DCRat
2022-08-17	n/a	exe	b99300d00050e4a8b2b0873723a9783b172776ba8cb7500d65e6d93bc3d37147	n/a	Smoke Loader
2022-08-17	n/a	exe	7968a4ce56f635c65b0f2bbdc8d72364a58eab71642ec195cb4fd579a134fca7	24.29%	DCRat
2022-08-17	n/a	exe	d94097abbaadd3536649ca914b7ac5f8828e723b74c38f37a2c23ec16156b757	n/a	RedLineStealer
2022-08-17	n/a	exe	9f811e7bbc6d4799de5647e11e35d4e681485840ff65dc8ced5f956729ac3058	n/a	Smoke Loader
2022-08-17	n/a	exe	5786b1e1dc5abbeb0c60e1b7b652c49af8152c2e923894feb56aee8ad4c0f629	n/a	RecordBreaker
2022-08-17	n/a	exe	411c449f978ff2425a9ee85a26157a0ba45a4895f6c1401a7c4d9a9c42c6a73b	n/a	RedLineStealer
2022-08-17	n/a	exe	01d7f7de616e35195a27d7354b78745e7dedcb4af64db9f53db1597bb42b1c21	n/a	RedLineStealer
2022-08-17	n/a	exe	7ed50d6cf6c9904f2392e39ac88e5e024c21746d794b9dca4b51cbbbd444df4a	n/a	RecordBreaker
2022-08-17	n/a	exe	c7946da08940de7da39c9bcd1417e1926616d7953974ef5f24aacc6de9b362c9	n/a	RedLineStealer
2022-08-17	n/a	exe	9417232ab7e3f14ab2dd3f2394b99a9a0387c3f502400a3455b5b8f60da75caa	n/a	RecordBreaker
2022-08-17	n/a	exe	14907c8f52a1b18f8cd4b624be670b0816584e64edca4908874b370051aa9588	n/a	Smoke Loader
2022-08-17	n/a	exe	892314d1449938c391dd8f88269b64968531d3eb39fed239999d02b2eaf92e7d	n/a	Smoke Loader
2022-08-17	n/a	exe	80e2195c4aad27194f4c39534b9efb7f155b116b3d63ca1f64245892be7b31c9	n/a	RecordBreaker
2022-08-17	n/a	exe	5cd575c5fa62c375ac8f979a0231f39b1779122a277ce4a5c2faa9f5e69e1d11	n/a	Smoke Loader
2022-08-17	n/a	exe	cd6114dd945a3d312b11b645e676137bc5ed28aa242b9ef01a5b5e8dcb321219	31.43%	RedLineStealer
2022-08-17	n/a	exe	ab556753f8316c22c16d53461fa26b8f2484db38baaf210818879cc0c0f38519	n/a	RecordBreaker