URLhaus Database

You are currently viewing the URLhaus database entry for http://79.137.192.18/mar3.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2712333
URL:	http://79.137.192.18/mar3.exe
URL Status:	Offline
Host:	79.137.192.18
Date added:	2023-09-18 14:42:06 UTC
Last online:	2023-10-19 08:XX:XX UTC
Threat:	Malware download
Reporter:	Casperinous
Abuse complaint sent (?):	Yes (2023-09-18 14:43:05 UTC to abuse{at}lethost[dot]co)
Takedown time:	1 month, 0 days, 17 hours, 19 minutes (down since 2023-10-19 08:02:34 UTC)
Tags:	dropped-by-SmokeLoader LummaStealer RedLineStealer Smoke Loader Stealc

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-10-12	n/a	exe	7b56b03a973a7f1d05ae4936c945ddb59601fe808dd6149fd5d4571dda90ca7a	n/a	Backdoor.TeamViewer
2023-10-11	n/a	exe	44cd48e24b4b02990be8037d3aeb360be0546f9ebaee29f11825b77235941852	n/a
2023-10-11	n/a	exe	8091373539cb3c22bc308db65b46268944322f9f5b4ce0f5203231ab3d1d12be	n/a	Backdoor.TeamViewer
2023-10-11	n/a	exe	fda8c093b4551f9399e19712be09fd16f5acd4a10c35f90594f1c012bab7e70d	n/a	Backdoor.TeamViewer
2023-10-10	n/a	exe	f9bc3ddfb1e5e253dac94c91d2d678ad2f1c61537207e71fc04d42af28b04520	n/a	LummaStealer
2023-10-10	n/a	exe	00a2f65e91222361100e91bf2859b1c2321dbadbe226aa8291254ce63cb211d0	59.72%	Backdoor.TeamViewer
2023-10-09	n/a	exe	3481e519a886d3970e852d0513034efd0c9d71481b70533ca3c6b92ec83c1d50	n/a	Stealc
2023-10-08	n/a	exe	173cf6b50cfad4fa06f6826452aeceae743a49fb7c2cdc6445961c01dc11da92	n/a	Backdoor.TeamViewer
2023-10-06	n/a	exe	9002295e57a8a0222a1913eb099fc39c83a42575374af6b5e6fb78d33e7487fa	n/a
2023-10-06	n/a	exe	30c661162c05ea875950df6cc6fc4f8b97983119d5eac439475b7ca31aefb756	54.93%	Backdoor.TeamViewer
2023-10-03	n/a	exe	f9f9b154f928549c7a4b484909f41352048ce8148c678f4ec32c807c1d173a39	83.10%	RedLineStealer
2023-09-28	n/a	exe	03765cd4acad61f85cb2237a6f6f9b8dd98774aa492c8439a2343d14b5c7d01e	n/a	Backdoor.TeamViewer
2023-09-28	n/a	exe	5b87ce68e1675eba8902b7531a1318b2d231f211949c0b3357e235ec69ddcec3	n/a
2023-09-28	n/a	exe	9a31e105688533003e4bc86ef9497529e22fb021c86d6431cd33189a31f3864f	56.34%	Backdoor.TeamViewer
2023-09-24	n/a	exe	9b9cbe098bcd6261d2ec404c6da54c7977f7d9919b3daac26c72fa30fa8aafe6	n/a	Backdoor.TeamViewer
2023-09-22	n/a	exe	4b77eeabc30512a512339603a46914b3060a3447dd3c53743bd2cc03c21f2229	59.15%	Backdoor.TeamViewer
2023-09-21	n/a	exe	6afeaa7fde0ee12455c602921a605042b33d9741962cac3015b03334a158e6a2	n/a	Backdoor.TeamViewer
2023-09-19	n/a	exe	521e1daebb7e7a0ad94d160e1f3f10157b87c8c744c9b2c6a5f4d1b16c5e665f	n/a	Backdoor.TeamViewer
2023-09-18	n/a	exe	ace208a4aebe9ac1b659808b108c795961d1160de5b147be47b5624f6de46830	63.38%	Smoke Loader