URLhaus Database

You are currently viewing the URLhaus database entry for http://79.137.194.41/s.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2614048
URL:	http://79.137.194.41/s.exe
URL Status:	Offline
Host:	79.137.194.41
Date added:	2023-04-19 16:04:10 UTC
Last online:	2023-04-23 05:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2023-04-19 16:05:08 UTC to abuse{at}aeza[dot]net)
Takedown time:	3 days, 12 hours, 54 minutes (down since 2023-04-23 05:00:07 UTC)
Tags:	exe RedLineStealer Smoke Loader

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-04-21	n/a	exe	fc51e907d00e4bc82fda5bfec4b227e5ebf9c5ecce4acebaa24f17ecdfe5ebe8	n/a	Smoke Loader
2023-04-21	n/a	exe	b0b79de26c03f281d9450dfb058032910a3e740ea2cf4063b1d7ae5414a40099	n/a	Smoke Loader
2023-04-21	n/a	exe	d741cd6d1925c84baf07ea0c4a32cb5c7b6cdc2dd398962624c255dfb24b56bc	n/a	Smoke Loader
2023-04-21	n/a	exe	2d4cfb08c14422028ec4ca24a41ae0332b5782e839f845f566f68a62736d9d19	31.43%	Smoke Loader
2023-04-20	n/a	exe	7884a345160e0ccdd4a9bda93b1905d540c0a697ab50d5df52da884fa145f783	n/a	Smoke Loader
2023-04-20	n/a	exe	042f6e8dc83d7909446de11c207066d4eb4af43fba4466c420290e1db8bafc6a	n/a	Smoke Loader
2023-04-20	n/a	exe	354f09ab4aa3401d7fb2ede018dc47f3a60aee4cd8176caa9d94313def48daef	n/a	Smoke Loader
2023-04-20	n/a	exe	c70e59ad1e7a2e1b2b05082a6698c96f55918177bb5dc6fbd45e7a014508424c	n/a	RedLineStealer
2023-04-20	n/a	exe	8de8f74e47b18426f68ccb49f8afd065b7c2d260cfaa0a47ace624c7dcbf2769	n/a	Smoke Loader
2023-04-20	n/a	exe	f2e71a34bcce4dd852402737d9ee44dea3976e07c838da2a6a7f4acde48ec0ba	n/a	Smoke Loader
2023-04-20	n/a	exe	15ab6aea347377bb7a5b5bea781406f85e56be602fc3c2f309323443626765ef	45.71%	Smoke Loader
2023-04-20	n/a	exe	d04e02ba8eb29db3d17c69a5dcf4075a020eb79a15e7329fe373c60735bbb680	n/a	RedLineStealer
2023-04-20	n/a	exe	20270288197fbbe9b70f423924d7ecebce2798853a9a13bf115d1c86fab2e713	n/a	Smoke Loader
2023-04-20	n/a	exe	f17263a83ea1c51f172cf8021695a62904228bcc94c76a4f3aee92aa11d1531e	n/a	Smoke Loader
2023-04-19	n/a	exe	070f7bb8630046f88c04f87a3416d713b66f5e75b84a65096561c322c4b60018	n/a	Smoke Loader
2023-04-19	n/a	exe	405c1ad5dc6fcd07d88d0efe7d587ca21d6e02c4b74bc53c13017d2d4f648564	n/a	RedLineStealer
2023-04-19	n/a	exe	b0dc4433c10d74c9f443ad90f78acc99f2f6faca9e8fb849a94ed916303d2e9b	58.57%	Smoke Loader
2023-04-19	n/a	exe	6a31368693cd06e5311210b937e8a3921ebdf4470f9e96761738cd84c083398e	57.14%	Smoke Loader