URLhaus Database

You are currently viewing the URLhaus database entry for http://62.204.41.90/sext/nitka.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2522537
URL:	http://62.204.41.90/sext/nitka.exe
URL Status:	Offline
Host:	62.204.41.90
Date added:	2023-01-30 10:36:05 UTC
Last online:	2023-01-31 18:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2023-01-30 10:37:05 UTC to abuse{at}gorizontllc[dot]ru)
Takedown time:	1 day, 7 hours, 23 minutes (down since 2023-01-31 18:00:47 UTC)
Tags:	exe RedLineStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-01-31	n/a	exe	0aa86a46170cac010ed82f2572e08059b6faa5deedffefe5cf259970ff5e4eb6	n/a	RedLineStealer
2023-01-31	n/a	exe	729adadae94a1bc84212b0c8182be2a4f195df2dbc12874382a23dbb2de5163a	n/a	RedLineStealer
2023-01-31	n/a	exe	daa23016cfa3c49ee8c80896fba56b1964c77f40645de784d95d208320d73b90	34.78%	RedLineStealer
2023-01-31	n/a	exe	2eaa4b4c40e3ce5656965a6012cc84797331cd863ed8694246b082c11156b6be	n/a	RedLineStealer
2023-01-31	n/a	exe	b90bc258d803ed45cf34fec9a7747571914b2223d420c930c791b0d5a2a575af	n/a	RedLineStealer
2023-01-31	n/a	exe	bc73988a479ff76b9cb30cc8c57831b89ae3e7e8ae7f10945ef0771ba2d11e6e	n/a	RedLineStealer
2023-01-31	n/a	exe	3eea7b6c2e651f2cd8ba7001f6dd58c3e804aeaf3b183972d3d1d76fe3bbfaab	n/a	RedLineStealer
2023-01-31	n/a	exe	1be8bdf5ca218b04927da47b456be4f720e87df3561db5754246779edfb92771	n/a	RedLineStealer
2023-01-31	n/a	exe	4a6a1ebfe0c8e665e934181a390dc8eac12b7b453c6448a4476c74b862d68474	n/a	RedLineStealer
2023-01-31	n/a	exe	053625967343b7ba8cffdad7fe42cf4d840673282f8a2e69dc4cc212375adb16	n/a	RedLineStealer
2023-01-31	n/a	exe	cda0ab9ff7c3dd709e6dcd2a73a062a9b47f709e867108d3c473f7b495fa100f	n/a	RedLineStealer
2023-01-31	n/a	exe	f275edb1a9a617bbc5f007e580b6fc16900aa14738f6eb69f8c28ca12d9ab271	n/a	RedLineStealer
2023-01-31	n/a	exe	787891de8712fed8bb186dc7903b5b6a9453a513a8908358eda10fd81200aac6	n/a	RedLineStealer
2023-01-31	n/a	exe	4bdb16c3227e4615557fe66b51146c9f56403e570afe9ef77ac848e30dfd8353	n/a	RedLineStealer
2023-01-31	n/a	exe	21e50f099c52230f8e33a1e75fda2645df8bcf843badc13c4afd9c303713bbdf	n/a	RedLineStealer
2023-01-30	n/a	exe	3fc87d156ec63b019c523310523cbc5b17209837185d187c4bbc92a75acd7e4c	n/a	RedLineStealer
2023-01-30	n/a	exe	66d3b8e075e0444f2cfff326cc1db06eb6464b54e430b0321e76a8979459deac	n/a	RedLineStealer
2023-01-30	n/a	exe	a856e3727ae2717c575485795a755787870fddf949915e819de7dfb56745327a	n/a	RedLineStealer
2023-01-30	n/a	exe	f3c925c1dbe719936cd19b81e1709159122ea1c81d97f7786f7f305985829b94	n/a	RedLineStealer
2023-01-30	n/a	exe	ee0cced4b5dd22d2b5ff746e2393453acc882135bc0a00be854af56631831ff1	n/a	RedLineStealer
2023-01-30	n/a	exe	c66cd92a155b70f1335dfcff0825bf851b4b1e9c6ea53e6d6087fd87df8ebe50	n/a	RedLineStealer
2023-01-30	n/a	exe	45abce6e11b5dec3a8d554e632e30609ce1998db3d969bc0117449976e45c730	n/a	RedLineStealer
2023-01-30	n/a	exe	93691d155e47e29109a94902362d651cdf5dc5ba17b1e8b665c4fc99dd370e1a	n/a	RedLineStealer
2023-01-30	n/a	exe	6f69d4bea4681b9ef42b65f4a4479bcaa0824d21f71020a8820e3e507aca3e4d	n/a	RedLineStealer