URLhaus Database

You are currently viewing the URLhaus database entry for https://bitbucket.org/wres1/new777/downloads/NOTWAR.exe which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2404089
URL: https://bitbucket.org/wres1/new777/downloads/NOTWAR.exe
URL Status: Offline
Host: bitbucket.org
Date added: 2022-11-08 09:45:09 UTC
Last online: 2022-11-17 15:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: vxvault
Abuse complaint sent: Yes (2022-11-08 09:46:09 UTC to abuse{at}atlassian[dot]com)
Takedown time: 9 days, 5 hours, 51 minutes (Bad; down since 2022-11-17 15:37:48 UTC)
Tags: exe RedLineStealer link

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

First seen | Filename | File Type | Payload (SHA256) | VT | Bazaar | Signature
2022-11-16 | NOTWAR.exe | exe | 42feb5dc4281a55a40a8e940787e43ca53f6a2799740354dbe46a8f59e240bdb | n/a |  | RedLineStealer
2022-11-16 | NOTWAR.exe | exe | ba092fc3e1264da1eae62099c10e5eb37467c39b85e8812c2151a872e7e8f386 | n/a |  | RedLineStealer
2022-11-16 | NOTWAR.exe | exe | 0e7c1c92fa893c51c7b620747bdb3f8d43c9f4f17a707e35c334cebf3194ff21 | n/a |  | RedLineStealer
2022-11-09 | NOTWAR.exe | exe | 5ea3a592c2d7a1ffa8b037e369a8572d59ce9264d97b3029e96b7ec2b3580313 | n/a |  | RedLineStealer
2022-11-08 | NOTWAR.exe | exe | b7539a3622baa553702c3f1cdd5314122cd0d847453f59a4b1aa869788e13edb | n/a |  | RedLineStealer
2022-11-08 | NOTWAR.exe | exe | 80edb77e7473d68393b70416a3563b9743e25e0a4b85375ac642e2bfdf0380ef | Virustotal results 22.54% |  | RedLineStealer