URLhaus Database

You are currently viewing the URLhaus database entry for http://galandskiyher2.com/downloads/toolspub2.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2711893
URL:	http://galandskiyher2.com/downloads/toolspub2.exe
URL Status:	Offline
Host:	galandskiyher2.com
Date added:	2023-09-15 13:07:06 UTC
Last online:	2023-09-23 16:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	vxvault
Abuse complaint sent (?):	Yes (2023-09-15 13:08:05 UTC to matrixllp{at}skiff[dot]com)
Takedown time:	8 days, 3 hours, 22 minutes (down since 2023-09-23 16:31:00 UTC)
Tags:	exe RedLineStealer Smoke Loader Stealc teambot

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-09-23	n/a	exe	56b58687886316907f2ee6d19f964f0fb4f26613cfe73bba625b09101e340182	43.66%	Smoke Loader
2023-09-23	n/a	exe	f0b6cf56e0ace4437b8378d1df1379c2ccbdcd3c6264d0f79200c7031a1ffdf5	43.66%	Smoke Loader
2023-09-23	n/a	exe	b351eec5ba7867286296879d049320b0fbed7200fba224236c5bdd40d688fd8f	43.66%	RedLineStealer
2023-09-23	n/a	exe	4034d80887f9fb4270bca7544fbaadc57406f0c06665877db813a08ceaecb62e	40.91%	Smoke Loader
2023-09-23	n/a	exe	898c2374cff740a001f33d82cf479f0a2a6b339a46ede5ae44c8b4ac87d709d0	43.66%	Smoke Loader
2023-09-23	n/a	exe	ec9d71ba85b9d1be8286625c5541cce355497d2d72b604cfdada19e2b13d263b	35.71%	Smoke Loader
2023-09-22	n/a	exe	445de6225ac9dbb6ad101028053fd52e061832df48664b35d451d13aa685e5ab	42.25%	Smoke Loader
2023-09-22	n/a	exe	9e96d77f013c6ca17f641c947be11a1bb8921937ed79ec98c4b49ef4c641ae5f	39.44%	Smoke Loader
2023-09-22	n/a	exe	99f22d7e71f3a7ed0cc7eee603a3e50d6b9f08957246e302d5c17368efb15b14	43.66%	RedLineStealer
2023-09-22	n/a	exe	0bb0b92194deb106603a64297c08060f66e2ac80ef336a2559249786ed4c58fd	n/a	Smoke Loader
2023-09-22	n/a	exe	3c712a73f1a1ab2248e9002318adef0c78b1aed72b226ec7b6fac4beb863b945	38.03%	Smoke Loader
2023-09-22	n/a	exe	ee334e9018223eeccba9e25e643f9e87ddbcfcf978dd42bc1a404668d4b97ce8	n/a	Smoke Loader
2023-09-22	n/a	exe	fcd8e63cb523cc06c3cde2b5cd53194a190fd763eb8d935186ae999c5f4ec56f	39.13%	Smoke Loader
2023-09-22	n/a	exe	bac10bfc9bccd1acd2aff1fe26474dbc79b6c8fcec9ff1c2b888bb77aebbcb6c	39.44%	Smoke Loader
2023-09-22	n/a	exe	a0a9900f56a4c15ee2a9d2dd80c6e24b63afe73e5a3cf1139c05e348c10b3c6f	38.24%	Smoke Loader
2023-09-21	n/a	exe	c7de9a7e559a2de620a3333dce94d18cba3945364cc49e4d655092d43891f656	36.23%	Smoke Loader
2023-09-21	n/a	exe	12ae050dcb9bb0bfc16cab1d40829e489498b182879c3cd9e1e0f3eed60fc9ad	42.25%	Smoke Loader
2023-09-21	n/a	exe	2e6667f8c4a7fd82216bbf4acf9630495c7a0c409333905cfbef308e821d7630	n/a	Smoke Loader
2023-09-21	n/a	exe	dd41efbedd854045a0f171d798bd808919b330d1f6d141e6059b32a92de2b981	n/a	Smoke Loader
2023-09-21	n/a	exe	eddd307cf96712242a8c1566c50a23a2aa372165e5448996921309c306402f7a	39.44%	Smoke Loader
2023-09-21	n/a	exe	33d6b7b997c29914a22279fa8c1ac329ed5490e85f1edf2617c6158a0b453b12	35.21%	Smoke Loader
2023-09-21	n/a	exe	6ed7dd6b5d5fc4b1ecb0b53332bb8d0ce2982c6bdd79f544124d9d93a357159b	36.62%	Smoke Loader
2023-09-21	n/a	exe	ed997d5e7bc98f15a2c489877a05b24ef2088316422420e46ad472e96269792f	n/a	Smoke Loader
2023-09-21	n/a	exe	a8dd148fa85d239fb47f6524a1706ae783a2a2e47448fdb1aa3be18315f36ce9	30.99%	Smoke Loader
2023-09-21	n/a	exe	c5712973eff5fedc221c4783a457e6ecf8a652cb8b213beecdc1e7439913bb86	35.21%	Smoke Loader
2023-09-21	n/a	exe	1aa694a406a89fc83cce2efe737b8e5db3e174ee062788dd92db43b8a450c5ae	42.25%	Smoke Loader
2023-09-21	n/a	exe	028bd09a2558d75433e2350c8b06559aa7a78913c046eccf3f1ab3ba1940ad1d	34.29%	RedLineStealer
2023-09-21	n/a	exe	49982383c33b6e66bfd98ce748423b0d893013eee21d2124610073fd674a3993	46.48%
2023-09-21	n/a	exe	fae3f8b71a2e6c0a01e1c2ec89b4bf9cf9509a43c3dd8c2f0d23accd20e7ce06	40.85%	Smoke Loader
2023-09-20	n/a	exe	24d11f9081402a7bec5879bb4e4ac8e64cf5a1879b6aa03e0ed6cb4f3db8ad67	n/a	Smoke Loader
2023-09-20	n/a	exe	cc4e8086e0be26370aacb5a9fa41eaa5a1711a45cdb597e76b7839de2c613908	38.03%	Smoke Loader
2023-09-20	n/a	exe	333c13f78fcd5f0cea26cf0b09348eda14f054409f564ce42d2731faf35c1b99	38.03%	Smoke Loader
2023-09-20	n/a	exe	39e0f85cd095241988a610027a343b1c69b355fc8baab6acdd8149a369aa3018	34.29%	Smoke Loader
2023-09-20	n/a	exe	d6741ec9adbd69782250bdb530cd3a31bafc6835793d21b62a460c4e0561e4fd	n/a	Smoke Loader
2023-09-20	n/a	exe	929ed307dcd905977c532ad88f08ea727a3f336ae7ba6e93e2ddb9633c3d11b9	n/a	Smoke Loader
2023-09-20	n/a	exe	c3a5f77071e2b0ab5378a407a826d8dc18d1f8cfd0b5238cf6215afc531c8a18	42.25%	Smoke Loader
2023-09-20	n/a	exe	41587b549aa8871b4be2d834a8f0859c229cf302c53d6d24e98a506b76569ac1	n/a	Smoke Loader
2023-09-20	n/a	exe	3078d4b8b980c6a770e6b836e5a530452add635de349dad4624a1a1eae73e73e	n/a	Smoke Loader
2023-09-19	n/a	exe	65fb843b6f2fa0f8520a070b0dca0b408caeba2f71d324ac4750f1ca9445f678	40.00%	Smoke Loader
2023-09-19	n/a	exe	a1ad63b55945b8af89e2fb629aad6d330a34241c4f21173d4dfdcfbdc358ed0b	38.03%	Smoke Loader
2023-09-19	n/a	exe	9c63b33c936df8c3cca5b1e3665b3f0c1b36a1c1ca826a8bc80551610413b74f	38.03%	Smoke Loader
2023-09-19	n/a	exe	3886fb5989aab6f3ddedf41b15e9cbc85ee5aae98c009cb4d0dc544397f9eead	42.25%	Smoke Loader
2023-09-19	n/a	exe	2a4153f203daefba32c57adfb4b743047eacd8ee0e9b0ea3ca0d5f3b4679773f	n/a	Smoke Loader
2023-09-19	n/a	exe	b9c7a59795b5ab3131fdcd531bd458d9283e64af76ea3b7aa71dc0142e0b2fb4	n/a	Smoke Loader
2023-09-19	n/a	exe	cedb597d7e79293142c09684ba556c94c2b00120ada0d9b9069aa8f2212cb0e5	40.85%	Smoke Loader
2023-09-19	n/a	exe	ef0e66f6f8978c24c038810c14eb2fc53bc6a79f32272cf01587572650a688af	n/a	Smoke Loader
2023-09-19	n/a	exe	360b77e58f2dd4a5cdad448fe449d01e8e31fc1e002c594d98acf3e5ad593d38	n/a	Smoke Loader
2023-09-19	n/a	exe	9944f1ab2a6ddb5b110a920ae7f475ed98fa3fc5c4e226264f644d1145b2b20d	42.25%
2023-09-19	n/a	exe	8adad0cfb96413c12af79d8a2309d5dcaacd92ddc5f038cad1bd5b32353aa13f	42.25%	Smoke Loader
2023-09-18	n/a	exe	af7ee7a2462f23b755da51c9c39dacb865719b3eabf4fb55f1a139147f13a7e7	n/a	Smoke Loader
2023-09-18	n/a	exe	78359d3bed7bf9d9eb1b57b801eeaf31762ce9490d4b5797c2fa4665fea3d30e	35.71%	Smoke Loader
2023-09-18	n/a	exe	e877da27154b92a578c189353ece376177765383fc1b4aec5cdf55d51df4014e	36.62%	Smoke Loader
2023-09-18	n/a	exe	45185d9f4a621f19ad4242267b0ccf79133449bd606b5835178eda27370715d8	39.44%	Smoke Loader
2023-09-18	n/a	exe	cd848e0ccbab652aca7ff854a0ca08aad4cf6ba9f07acf51066e89cda4bb80ee	36.62%	TeamBot
2023-09-18	n/a	exe	267ce9b9eec56e5447f8cba36a0f5c16676e274f95a19900c040397daefcc651	39.44%	Smoke Loader
2023-09-18	n/a	exe	da7337440e7371991af021b96765456519c8b41dbba9089e389b87e4174a7d56	40.85%
2023-09-18	n/a	exe	29bec00a5349dd65a067a12bf5f746300332d2556692995bf8ac0f5d247101e0	n/a	Smoke Loader
2023-09-18	n/a	exe	200c6b67e8e387e0dcaf5c6a30cf4a45510d8fcb6ad990cec40dfa88fe584544	n/a	Smoke Loader
2023-09-18	n/a	exe	ab1a7b4bd0fe528df9ed54e9a82c73d2ec3388b4f1cb8760d47da08ff1f4fc33	42.25%	Smoke Loader
2023-09-17	n/a	exe	cef02d8fb10c153dcd5c8071bbd22d64dbfb6605ddc7388b259725d1cefbd12c	35.21%	Smoke Loader
2023-09-17	n/a	exe	d85283a49d5bff86db06cc8660a9e566d96a20ba124253791122c92fd502fa56	34.29%	Smoke Loader
2023-09-17	n/a	exe	757568f5af7731014baf25b6941c179d14b2041d2aa8a43e482a942e99d86f82	38.03%	Smoke Loader
2023-09-17	n/a	exe	c8614f097a0f3dacd0efaf6110c18e4aa0003150493ecef868dba8744a7b56af	36.62%	Smoke Loader
2023-09-17	n/a	exe	961847146f193d0bade76808dc59a81247845f7aad72accd49647f0778bd2f29	n/a	RedLineStealer
2023-09-17	n/a	exe	18c9ca75fe9fc335363d5430f67180e27e62dc24568355cadf3869e72c1dbdc9	35.21%	Smoke Loader
2023-09-17	n/a	exe	8d1b5f9c660205e3475c482dd9a4618aee5b7d165126a844b5148bf8bb3c253f	n/a	Smoke Loader
2023-09-16	n/a	exe	12eeed553b2a15c4fac0fdcc12b0f7ecf75d92a82bb684d5a503dbd542104c3f	33.80%	Smoke Loader
2023-09-16	n/a	exe	2c28e30d7d6ce9f4adce5db400c081835cbcc625fa5284196775537aa477c2b1	34.92%	Smoke Loader
2023-09-16	n/a	exe	b54f42b5b0d19670960eb10c6789968a30df7e8532519b32d5ef33bf155fc034	38.03%	Smoke Loader
2023-09-16	n/a	exe	c30d2cb931fdee3e3ddd9ec2589ad02efbe981101df6ec4f6d2e1472e0374e01	n/a	Smoke Loader
2023-09-16	n/a	exe	fa1fa9f865ed8e2604edf690db58351bf7050f4e04bdaa5c83836c503d3af84b	n/a	Smoke Loader
2023-09-16	n/a	exe	d570c7efc7e3e6c43ac25349f43cf3664d6a7caa13cb859848f3fe99c40bb277	n/a	Smoke Loader
2023-09-16	n/a	exe	9546efb1a30d3f9a9c7597edc70f5f87ddaa1e30ab528627f31c5d2f65fc8e11	n/a	Smoke Loader
2023-09-16	n/a	exe	0ffab407dd3ebd93f007e24f439bbda8c8b68d50b5ba6537213608608c6f8d61	n/a	Smoke Loader
2023-09-16	n/a	exe	6f2ff4beca2ddfb19a229f614f81576648daa2db28d7b52bd408b177467513ba	36.84%	Smoke Loader
2023-09-15	n/a	exe	28dc2e5876c22e3f65fcbcd09294720a8bfcb90e216bf5368789017d6bb3c35d	45.07%	Smoke Loader
2023-09-15	n/a	exe	bab323bb1575333960a2c2b136206f8732afb14b799dd563e982b22cb567d833	n/a	Smoke Loader
2023-09-15	n/a	exe	7a3ed98aad8f0e6cc774200cdc7b35b86bffdb5f5ce23e8750acb0945d3c78fd	42.25%	Smoke Loader
2023-09-15	n/a	exe	586f4fe479873822ea596ca86a9324eef844b39b685802a3311e1e7577b5b993	n/a	Smoke Loader
2023-09-15	n/a	exe	811b68a18e565772b4123653e83cc20c2860e9662a282a5018dcab228c5b29a7	40.85%	Smoke Loader
2023-09-15	n/a	exe	2f4140d42063d60f416435b8cc1493588293c7516e25aad65fc6929125b4c7dd	n/a	Stealc