URLhaus Database

You are currently viewing the URLhaus database entry for https://connect2me.hopto.org/wow/1/2/3/4/5/6/7/DefenderSmartScreen.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2284516
URL:	https://connect2me.hopto.org/wow/1/2/3/4/5/6/7/DefenderSmartScreen.exe
URL Status:	Offline
Host:	connect2me.hopto.org
Date added:	2022-08-30 05:52:07 UTC
Last online:	2023-04-16 02:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	tcains2
Abuse complaint sent (?):	Yes (2022-08-30 05:53:15 UTC to abuse{at}neterra[dot]net)
Takedown time:	7 months, 18 days, 21 hours, 4 minutes (down since 2023-04-16 02:57:57 UTC)
Tags:	CoinMiner darkrat dcrat RedLineStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-10-01	n/a	exe	455a9224b709f9b67263691c09909f0d172718117e591d92f075ef4640ced3b6	n/a	DCRat
2022-10-01	n/a	exe	0d5c134ba7c6a8b88a5da5809612fe85bd930f1ed72e0537d696500ff2a19886	n/a	RedLineStealer
2022-09-29	n/a	exe	9dc4f5a6742e9fd124b445666fb69d1f436046cdc17cd1657a939b7f4d664a41	n/a	DCRat
2022-09-27	n/a	exe	7a500009d9eacf51b9cba63831ff87c6476254ec3f540cd2138bfa39b4934458	n/a	DCRat
2022-09-26	n/a	exe	5b31500648f5b2be009ddec917e1a8033938ddaaf8ec0de2cb0e6e4ba3302891	n/a
2022-09-23	n/a	exe	f106f29e6578ec3493f2e488accf3d402dfbc9d753cd0055d0e5890e119ef889	n/a
2022-09-22	n/a	exe	49e93a5a4f726c628d6c3433b299af3b85bc1cba1bf030c46d2fcca53d5a6ee8	n/a
2022-09-20	n/a	exe	ddc04e24e54899b2ecc310b52e26e64920729330d03a2ebf1899dc373d9332d0	n/a
2022-09-17	n/a	exe	adadacc36fc7453a1bc6dcf1f68e46a60a412948ccb0b951f03144ecd2a40cce	n/a	CoinMiner
2022-09-16	n/a	exe	1e99f83aba32a1e7af9647997a77e01f52b41bc321de4ae6a97f1c320fa94026	n/a	DCRat
2022-09-12	n/a	exe	bfc69e582588ba6a82ff23e28e934717f717194dfd30a2e4f97785440704a8bd	n/a	DCRat
2022-09-12	n/a	exe	7799a26290e55a67c2299ca66b726b029af3819c6e71ccbdfb5813f6a3b7b791	n/a	DCRat
2022-09-10	n/a	exe	6fa7f7b8fdac392e44af2ebc36444638d309cd7703bc9d65f36853b053dc1283	n/a	DCRat
2022-09-10	n/a	exe	70f14754d5d44e4c6f3e7d127353f33f7ae05766fd8983e4105195035dc02e7d	n/a	DCRat
2022-09-09	n/a	exe	e125d75a8aaf6ca983d98e3538d83049cf4ee02c97d6eddafa6a3e97296af783	n/a	DCRat
2022-09-05	n/a	exe	c26e13b39e3e087842cd3c25110692ad6a9f937a5501d95b162884b29bbfc563	n/a	DCRat
2022-09-04	n/a	exe	62da3fd74e853a32b0bfb1bf2aa2c9d4c064a7247981bf4bed117fd69d2d4491	n/a	DCRat
2022-09-02	n/a	exe	ba177df3bde0f23d80c9bd38c8f647bf9fc4135744d3a59386973d090503d744	n/a	DCRat
2022-08-31	n/a	exe	33c851b59c7b057672bc65e0f9a69b31d70356f5594da347d2fff66ddb272798	n/a	DCRat
2022-08-31	n/a	exe	0cc19f16e32f8f3c4f0a758dc034e36addc3947bb0f6022f553d9ac0f021fe3c	n/a	DCRat
2022-08-30	n/a	exe	2204db3026ba00f8342b58684028cf0a7b5a1fb5818dd87e995fb46d5c296894	19.12%	RedLineStealer
2022-08-30	n/a	exe	47914fa6b0464f1a14c06792e85ce1ba4620b950a1dfb5168d097fda39b8a6fe	63.38%	DarkRAT