URLhaus Database

You are currently viewing the URLhaus database entry for http://79.137.194.48/s.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2344935
URL: http://79.137.194.48/s.exe
URL Status: Offline
Host: 79.137.194.48
Date added: 2022-10-01 14:28:05 UTC
Last online: 2022-10-03 13:XX:XX UTC
Threat: Malware download
Reporter: abuse_ch
Abuse complaint sent: Yes (2022-10-01 14:29:12 UTC to abuse{at}aeza[dot]net)
Takedown time: 1 day, 23 hours, 8 minutes, rated Poor (down since 2022-10-03 13:37:25 UTC)
Tags: ErbiumStealer, exe, N-W0rm, QuasarRAT, RecordBreaker, RedLineStealer, Smoke Loader

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
