URLhaus Database

You are currently viewing the URLhaus database entry for http://193.233.20.3/leta/nita.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2525249
URL:	http://193.233.20.3/leta/nita.exe
URL Status:	Offline
Host:	193.233.20.3
Date added:	2023-02-01 14:36:11 UTC
Last online:	2023-02-03 02:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2023-02-01 14:37:06 UTC to shinomiya[dot]hosting{at}gmail[dot]com)
Takedown time:	1 day, 12 hours, 8 minutes (down since 2023-02-03 02:45:23 UTC)
Tags:	exe RedLineStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-02-03	n/a	exe	18b11eae56eaa7b76512c5e88aae06fda4faebbd477c01e837f5ca1b3ffd1985	n/a	RedLineStealer
2023-02-03	n/a	exe	0fe11375742310d8bfd604692a89099c71ed79a3f49ebaa0e0a217dbd853d602	n/a	RedLineStealer
2023-02-02	n/a	exe	abc4060ae7020687f7f086d67da78613b6ad681be4379e1f3b70ede4143e1d59	n/a	RedLineStealer
2023-02-02	n/a	exe	9b937c2d0300b162822d6aefaadd4a05aa6005444a6ebb0c34be78019f50da8d	37.14%	RedLineStealer
2023-02-02	n/a	exe	5afb1d4be8973f25098bada5ca62eb52ee41e8fccd7debbdbe2b4c9ae6911e30	n/a	RedLineStealer
2023-02-02	n/a	exe	4b42d8504e2622f13e1605827e13140e81e204c3d0d2f0dfdeff0dc34f081178	n/a	RedLineStealer
2023-02-02	n/a	exe	3974a362e78341a13e78747c30cf901c007fb0bd3beca1f8162389d9ac486a21	n/a	RedLineStealer
2023-02-02	n/a	exe	966d8abd0c9e9ccfaf38c8a492be749847fed9dea13cf73b513a5185c52b913b	31.34%	RedLineStealer
2023-02-02	n/a	exe	4de0ff38dd1f37e819e40d7658d28bed7a9a2f1574c696574b82eaab6b8716ce	n/a	RedLineStealer
2023-02-02	n/a	exe	862769c777a16b41d925fc395299ab3997110f336a1b72c4799e599a943e51f2	35.71%	RedLineStealer
2023-02-02	n/a	exe	932e06ef373d93ea1cde5e4fef13d321e5ce8b3b707be937e87264fb64c3a545	n/a	RedLineStealer
2023-02-02	n/a	exe	1d480df533e3b8393bddaecd85b153fe55072329cc5d52f78f7d99af8dcc5769	33.33%	RedLineStealer
2023-02-02	n/a	exe	250f05183329680ee72afa9443073a442e5428c9c14efaa4e3c6185d75727211	n/a	RedLineStealer
2023-02-02	n/a	exe	06dde21a625335975829a48f2993f0ccf99a62c1756bd58f3e110aed0be12c86	n/a	RedLineStealer
2023-02-02	n/a	exe	7ef99cf6b2378214934b430a7b9513dfb3fc188fdf212477bf1dc906207663f5	42.03%	RedLineStealer
2023-02-02	n/a	exe	303262122fa39fdf8381e625e4def3bbb70a08f6ace6f8da04449438c606a3ca	n/a	RedLineStealer
2023-02-02	n/a	exe	66967d49e5d96c09737095adf9f655361955d4b41854662ced6cc2414f780db6	n/a	RedLineStealer
2023-02-02	n/a	exe	0b7804cb7e24879a4fe9268bc4c427f5200b99b89c4fab051c6e7500bdeb812c	n/a	RedLineStealer
2023-02-01	n/a	exe	ef3fa7ccbf35dec0f93f5b2605227192e68bf486d5a646faafbca6cb33286bad	n/a	RedLineStealer
2023-02-01	n/a	exe	47841ab127448862f4f7373fa41034c91735c93ba0bd2ef58ecddc0db5e23d3f	n/a	RedLineStealer
2023-02-01	n/a	exe	4ad2a855e7284dd94ef32bd6c47c05086ae349103d938e5133751995a176fa7b	n/a	RedLineStealer
2023-02-01	n/a	exe	94ae82ff9d499f7bb11fb59101c73edd5d99886793b15f4cba5bb5d514f0a7a1	n/a	RedLineStealer
2023-02-01	n/a	exe	95c91222ca06190e3b9c107d387436214ed867cccc3684b2278744e930971865	n/a	RedLineStealer
2023-02-01	n/a	exe	5a81de0ae1985cca379f31cdbefe3a1f78576a2eba59a9683e6fbeda8f1de40c	n/a	RedLineStealer
2023-02-01	n/a	exe	41fa0edee86cfc72ac4bb3628b3773269038ca1227fe3abe88b878e39c4fdff9	46.38%	RedLineStealer
2023-02-01	n/a	exe	768eba7cebce8cef3a57585b6b718bbcb4ce6b3a63453a81731fa1285ce39e8f	n/a	RedLineStealer