URLhaus Database

You are currently viewing the URLhaus database entry for http://62.204.41.119/well/testo.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2516971
URL:	http://62.204.41.119/well/testo.exe
URL Status:	Offline
Host:	62.204.41.119
Date added:	2023-01-24 08:05:06 UTC
Last online:	2023-01-25 09:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2023-01-24 08:06:05 UTC to abuse{at}gorizontllc[dot]ru)
Takedown time:	1 day, 1 hours, 19 minutes (down since 2023-01-25 09:25:09 UTC)
Tags:	exe RedLineStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-01-25	n/a	exe	16ed0acd2cac6c0f025cc9c68be280c336cb82a79c232813e67f5be1d8b0474c	n/a	RedLineStealer
2023-01-25	n/a	exe	9d59a5e90a36da78d70c4b0d3e54992bcb80d70e62637a397534fa994c980f4c	n/a	RedLineStealer
2023-01-25	n/a	exe	80b2cc3c13893b7b831994c988b7c410d0b5a6ebd75b244ef88d0d30f4932ce6	n/a	RedLineStealer
2023-01-25	n/a	exe	ed686473f73d827c3e4eb949e22cf367c89fb98dce9eff091b2dcd4e9a2b80af	n/a	RedLineStealer
2023-01-25	n/a	exe	3b5c92944b33590ce9525e8cc51fcb801a9a8047f729db0a73743b97568a32a2	n/a	RedLineStealer
2023-01-25	n/a	exe	3141e70d86057c6e9a5587139479dbee7b44962205f59a74e701a0ae03fe9446	n/a	RedLineStealer
2023-01-25	n/a	exe	3d6b50608d83198a1d9a4e37fbceb4c78941df6ff55753eaac7463808f1a2fe6	n/a
2023-01-25	n/a	exe	e977cf1412fa6ee19747c8439213e2d327755c6e794a2abe7cda866ca1aacfa9	n/a	RedLineStealer
2023-01-25	n/a	exe	07111508428b4cd70a30cabd3826fcd9427a1b99ff23b1fd922e958571e99a23	n/a	RedLineStealer
2023-01-25	n/a	exe	12619df3560ddc6ebc8eead173a0a226a2dcea35b25b9bd0638ec4b539e83db9	n/a	RedLineStealer
2023-01-24	n/a	exe	46f334adfbad0b9ed2e259ba4da1379c626043b206ba2ce610872688e8914c84	n/a	RedLineStealer
2023-01-24	n/a	exe	cfaecec7ee400abba9b1e867eb50c931a0285466749af38b7d3f4506e85785ea	n/a	RedLineStealer
2023-01-24	n/a	exe	745e0ce6973744f6333f76ad3db906857af61d204865a87f2d0b1c5c280322eb	n/a
2023-01-24	n/a	exe	73c49480a2c9671b06d0f13beb6d99a49ffddf947cada76439f5d0abcb9e311d	n/a	RedLineStealer
2023-01-24	n/a	exe	a9a0b873962dd70c87d31a176d82570708f6ed158d33c9fd4f785c7820d04833	n/a	RedLineStealer
2023-01-24	n/a	exe	03c8e1b26339c842b787e49370aeed5cc9e878834979bf7b4078eeded2960a76	n/a	RedLineStealer
2023-01-24	n/a	exe	5a311827b9a1e44a4f0dadb5bed1c0c7486898fad71efd671cc01eb3d56b7c47	34.29%	RedLineStealer
2023-01-24	n/a	exe	76911afbdbe31ac2860643bdfe38765354c47ca412aef237a9a11e41437976b1	28.99%	RedLineStealer
2023-01-24	n/a	exe	5b731d8ebbb1cfef65640a77ded409ee17cdb32f0eaa16c4815a532561fb5653	40.58%	RedLineStealer
2023-01-24	n/a	exe	d283a1581773defbee2be01366a24fdff58606ebcd9fbeadf97fb7d82698caeb	n/a	RedLineStealer
2023-01-24	n/a	exe	e005185acf5a741072482b25725aafddfed4f0616b2d706558508e84c5c6de8c	n/a	RedLineStealer
2023-01-24	n/a	exe	418da050036072ebd2dd015312865921eec1e991946af43d2c0e7a2b8172bdb0	n/a	RedLineStealer
2023-01-24	n/a	exe	23531c8d42627bf448850a3b73f699898ce44e1a4888ab852778402fb473b1a5	40.00%	RedLineStealer
2023-01-24	n/a	exe	2a3bb99be438adf6b178c6060052357c562bcd5e1872a4f8642fa03da3881457	n/a	RedLineStealer
2023-01-24	n/a	exe	f85465498c2a64b141733c727eb52ad107eff7fe2918d7de6c42dcbb26e0a5e7	n/a	RedLineStealer