URLhaus Database

You are currently viewing the URLhaus database entry for http://62.204.41.123/installer.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2286801
URL:	http://62.204.41.123/installer.exe
URL Status:	Offline
Host:	62.204.41.123
Date added:	2022-08-31 14:32:09 UTC
Last online:	2022-10-27 11:XX:XX UTC
Threat:	Malware download
Reporter:	andretavare5
Abuse complaint sent (?):	Yes (2022-08-31 14:33:16 UTC to abuse{at}gorizontllc[dot]msk[dot]ru)
Takedown time:	1 month, 26 days, 21 hours, 10 minutes (down since 2022-10-27 11:43:36 UTC)
Tags:	dropby PrivateLoader RedLineStealer zgRAT

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-09-23	n/a	exe	c848caa153eb6f5f1d66fba17b9d3f4bc97ac47cac3c40b693f466bcef23a7de	n/a
2022-09-19	n/a	exe	bf69921a8293c830267b93751b85c3b88f6262c371423ae40fe500b20184f051	n/a	RedLineStealer
2022-09-16	n/a	exe	ef9609169903222818592b43043f38b4ad40190c5bc400b7e0af96a90b085c3c	5.71%	RedLineStealer
2022-09-13	n/a	exe	dfafcfd68e719844dd2b7626752cbf7c818e9de768fee5e5888d94e242baeabf	n/a	RedLineStealer
2022-09-12	n/a	exe	22c1d53ffde980544a2e044ff44fa8716da3a05a4ba54c1197432645d4c6b734	n/a	RedLineStealer
2022-09-11	n/a	exe	26cdbe0f7546a9e3468ce796f238e0eef396ff81b1490953bdc58aba76d88236	n/a	RedLineStealer
2022-09-09	n/a	exe	62494858e605cb7693fc0ca1c31dfc66a3c2691d643f533fbaa90aec05caaa28	n/a
2022-09-09	n/a	exe	d61c9db05cff42e9b98c236c7d231233a37ed371a391cffa8379e2443bdd4be1	n/a
2022-09-09	n/a	exe	7bc210519683219405d43774cb7a63bd1c04671eb7fa25976f5618180af3032b	n/a
2022-09-08	n/a	exe	938698226328c6fc8edf314c0bee3520be5c7e9caa911638ed4c40d151c5b987	n/a
2022-09-07	n/a	exe	4d91a04637c79f7699e0ad6e5a450475dff30c05fd77613110f2032e1bef746f	n/a
2022-09-07	n/a	exe	6cca9fef66cc8fdb27871f8fb01e870734343c5c3fa480f5518d5d02e90afd42	n/a	RedLineStealer
2022-09-03	n/a	exe	8852a4ff0aa8b2296320373642d4266ec411bd34c8c630d8aaadcc791079aa64	n/a
2022-09-03	n/a	exe	aba67ec9bd4de3a05d77d0049c165058d642c40bb27f67f87748ee712f8f38b4	n/a	RedLineStealer
2022-09-03	n/a	exe	6a7954cf7559470e2d8af98322a6a8cac9a0b16a268709e7f762becf262f1a59	n/a
2022-09-02	n/a	exe	f66e317ed473eefa183bd115409da21ae3a4c0a5ba63b71d8b71d78811293d1a	n/a	zgRAT
2022-08-31	n/a	exe	7e0bd7043b674f37a6c086fcd8aa5ddb0ec4ba675e4860e30f88abe3cfe4b879	n/a	RedLineStealer