URLhaus Database

You are currently viewing the URLhaus database entry for http://62.204.41.145/ano/anon.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2488588
URL:	http://62.204.41.145/ano/anon.exe
URL Status:	Offline
Host:	62.204.41.145
Date added:	2022-12-27 21:27:10 UTC
Last online:	2023-01-13 15:XX:XX UTC
Threat:	Malware download
Reporter:	viql
Abuse complaint sent (?):	Yes (2022-12-27 21:28:05 UTC to abuse{at}gorizontllc[dot]ru)
Takedown time:	16 days, 18 hours, 23 minutes (down since 2023-01-13 15:51:08 UTC)
Tags:	dropped-by-amadey RedLineStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-01-12	n/a	exe	d03517ce8adc2ca3610220ee31732a9a79327d32b04ee15d44ec207ed0b82e83	n/a	RedLineStealer
2023-01-09	n/a	exe	7e53438698d42b3576789e4b38cff7e79256b826a510281732a9a63913cf7666	n/a	RedLineStealer
2023-01-08	n/a	exe	cb1dcfb54a008a0d20e87923a00107fe9e6b047fd7e99f9813473438f69b9a9f	n/a	RedLineStealer
2023-01-07	n/a	exe	f87fea59be88dceaa2a9aca26f16a01361c279733a1b8e3df29e11bebd68f77a	n/a	RedLineStealer
2023-01-05	n/a	exe	f4025df8c2f9fa0c7caabb373641b71cf5862d40ab42f3eb50b32a771ffb983c	n/a	RedLineStealer
2023-01-04	n/a	exe	3aa433e61713e35e7032ec0874523afa5f32ca32cdab880afa338ed965c654c9	n/a	RedLineStealer
2023-01-03	n/a	exe	6b24fcbb425e8840c3e026cf04e82a31908dbb8479df3946955c18f8d35dc965	n/a	RedLineStealer
2023-01-01	n/a	exe	86567a3c9dfa029ea1a409784c1c5c7decdbe4f0968d391d0b500aae176dbb12	n/a	RedLineStealer
2022-12-31	n/a	exe	e49f72dc69ebb9c0c6d8baba4f535876d568774fd628d185db79b336beddb3df	n/a	RedLineStealer
2022-12-30	n/a	exe	bfa05495a883c00ed74509a32a2a55f5b07004729cd991dcf9ad82133f8d63ba	n/a	RedLineStealer
2022-12-29	n/a	exe	daa06845dcb265e14097bdafab9f9ace60fb6860591563ecada561f50ebe4b60	n/a	RedLineStealer
2022-12-28	n/a	exe	6c761dcdf40ed30cce870368d5722120ec0c893d89142ae7f4e5efa9eeefe949	n/a	RedLineStealer
2022-12-28	n/a	exe	ca806e4d3bbc3a540d1bb64f18fee3fbabba1cd40d560c48af92bc389ad9e941	n/a
2022-12-28	n/a	exe	7b8360419ecf2c90e5dc6386e626158d83d9f08963cb10fdc273f48f31a16ded	n/a	RedLineStealer
2022-12-27	n/a	exe	153723a47df18658d161a84b3a79ba5a06f01186955a907e964230d637ef4ccd	n/a	RedLineStealer
2022-12-27	n/a	exe	c79b058f49250afd715f08ea2f8ee8e50c840a9dc83e07bd6d2575f3f9270ba0	57.97%	RedLineStealer