URLhaus Database

You are currently viewing the URLhaus database entry for http://79.137.192.18/31839b57a4f11171d6abc8bbc4451ee4.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2703985
URL:	http://79.137.192.18/31839b57a4f11171d6abc8bbc4451ee4.exe
URL Status:	Offline
Host:	79.137.192.18
Date added:	2023-08-11 23:42:09 UTC
Last online:	2023-10-09 22:XX:XX UTC
Threat:	Malware download
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2023-08-11 23:43:04 UTC to abuse{at}lethost[dot]co)
Takedown time:	1 month, 28 days, 22 hours, 18 minutes (down since 2023-10-09 22:01:40 UTC)
Tags:	32 exe glupteba

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-09-09	n/a	exe	27026282d2170cd2dc30551e302b4615e8a66ba719333fd1b02d2259603bacc7	80.28%	Glupteba
2023-09-03	n/a	exe	a09d7d79ba4e1177ee17cc8f10e21508b3b69cf2a29c0f8b3bb478a65ad60846	n/a	Glupteba
2023-08-30	n/a	exe	63cc4816ad2c1aef24453c1455da828fff06962b36bc33dab7e2b9005465ef4a	n/a	Glupteba
2023-08-27	n/a	exe	3c3765a39069b1f6dbcaafb23721a289df7c3e1b540e2de3c76facb867bba7df	46.77%	Glupteba
2023-08-19	n/a	exe	f9d21597eb2b1e91e51ceee8864d7ff32b901ed05490d3c6003745c35d124e73	n/a	Glupteba
2023-08-11	n/a	exe	f2d0f2dac71c7ee35134c60db2f50514005e58832b2dedc388080c71dad6f411	38.03%	Glupteba