URLhaus Database

You are currently viewing the URLhaus database entry for https://kiffdd.eu/gallery/photo_004.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2578614
URL: https://kiffdd.eu/gallery/photo_004.exe
URL Status: Offline
Host: kiffdd.eu
Date added: 2023-03-20 14:55:12 UTC
Last online: 2023-03-21 19:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: andretavare5
Abuse complaint sent: Yes (2023-03-20 18:16:07 UTC to abuse{at}cloudflare[dot]com)
Takedown time: 1 day, 4 hours, 11 minutes, Poor (down since 2023-03-21 19:07:37 UTC)
Tags: Amadey, dropped-by-PrivateLoader, RedLine, RedLineStealer

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
