URLhaus Database

You are currently viewing the URLhaus database entry for http://77.91.68.239/dark/nsi85.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2713520
URL:	http://77.91.68.239/dark/nsi85.exe
URL Status:	Offline
Host:	77.91.68.239
Date added:	2023-09-23 09:34:08 UTC
Last online:	2023-09-24 23:XX:XX UTC
Threat:	Malware download
Reporter:	andretavare5
Abuse complaint sent (?):	Yes (2023-09-23 09:35:16 UTC to abuse{at}altawk[dot]net)
Takedown time:	1 day, 13 hours, 48 minutes (down since 2023-09-24 23:23:32 UTC)
Tags:	dropped-by-PrivateLoader healer RedLineStealer Smoke Loader

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-09-24	n/a	exe	a46f02b2c39f3d622b3f4071305a46731af9e970a0d65b6dc5fb8366a040736f	n/a	Smoke Loader
2023-09-24	n/a	exe	a5200c34ec66ccb3c29f3405e21c472af228d0eb33a0ee2fedda1e61cfa89a80	n/a	RedLineStealer
2023-09-24	n/a	exe	fd10417ab48fc7f0f4b271a7af8d342bca33d4f5224c8ca6948bf7ba4485321d	n/a	RedLineStealer
2023-09-24	n/a	exe	00b37e3c793b37d3c5cfd8de33323acc0657b395b18a7879fb793c3b26b136dc	n/a	RedLineStealer
2023-09-24	n/a	exe	440f7d2ec66d665481a03b6841cf1a21b257e44dc6db9725a575bc7f67ab50eb	n/a	RedLineStealer
2023-09-24	n/a	exe	9b38e822e9f9d16a26671bed81990815d3760dda09d6b85191f7b979570932de	n/a	RedLineStealer
2023-09-24	n/a	exe	d367343139b9f1f4698358c9127e98543f1898a05ff4f324802a6b629cfb2c57	n/a	RedLineStealer
2023-09-24	n/a	exe	2f99586cceac06ab1a54c06d704868aad4933c3e89ee9c01a729c255bb579d73	n/a	RedLineStealer
2023-09-24	n/a	exe	3009c4faada894a0d1a046aea375e06a8c2d43c6716237bb06daff429895c3cd	65.71%	Backdoor.TeamViewer
2023-09-24	n/a	exe	b6f718098a81f688eb303f76738afa56aa5f3799db907b5c45d8d5b91a1f92dc	n/a	RedLineStealer
2023-09-24	n/a	exe	b1eaba9ddd34ba8bfe7266b815c25d7dae78685781d4d47ad3f7a3cc8ed264d2	70.42%	Backdoor.TeamViewer
2023-09-24	n/a	exe	2ad9c5c621c22e4bbbe075ff0191ce4c3d3cfab6b827b85bca7f70539d1ad66b	n/a	RedLineStealer
2023-09-24	n/a	exe	c4081db25a048348106bf1078d14d0bc6e234376e5f17d353505fefa5dd3f16a	69.01%	RedLineStealer
2023-09-24	n/a	exe	6b6c482e8238432e468ae91653ba6744ff73a92a36e687cc48b99375ff547e87	n/a	RedLineStealer
2023-09-24	n/a	exe	14dcd417b9bf166d5435b5459746a252154bdfe42a9b6abe8a377c5dcf63d92a	n/a	RedLineStealer
2023-09-24	n/a	exe	cc721ae80682f20ab6c2fe3bbdffb80f33c62fb451ddd7cb41d59a76e0e394fc	67.61%	RedLineStealer
2023-09-24	n/a	exe	66adf33f103d61f4992b118383cdef9f48d952ca6f540ef949f7eb46e08fd726	30.99%	RedLineStealer
2023-09-24	n/a	exe	65df6b05b9779b892aaebe2e07360ad6e7ff8976ec857cf1334764e1c8652e6f	n/a	RedLineStealer
2023-09-24	n/a	exe	aea49d498842f42133850cc62963d5acb43e8c45f69c0a75f05ed97d6a05d0cd	n/a	RedLineStealer
2023-09-24	n/a	exe	cf2afcc234173c56f3345665518ecfe6e2c9272b263d9c6cc69ab8dd0b9d0a28	n/a	MysticStealer
2023-09-24	n/a	exe	c915bb31aefadf271f2c0e85d919821f55e081e5c93cbcfbbcef4557f3b7bd33	n/a	MysticStealer
2023-09-24	n/a	exe	fda7278cae1314de9afa155fdf2f60a039eb52d47a1f465098070da32e1113aa	n/a	RedLineStealer
2023-09-24	n/a	exe	5b11f3a100afa15ce195f981d33586268a347eb0c102535ac4d9c4f272a9f8e4	n/a	RedLineStealer
2023-09-24	n/a	exe	f78112d6ea831b454c9cf08296bab0c2b30ae532093b84e395a90327237a6ecb	n/a	RedLineStealer
2023-09-24	n/a	exe	82b6caa99768e4f1ea52dc2205bfecbd1f0b3cd35a60c53933b45416c6b9f980	n/a	Backdoor.TeamViewer
2023-09-24	n/a	exe	f85f279eb9593be0d62a7adf93606a89d76993942cfc9127586db0ae218cad9b	68.57%	Backdoor.TeamViewer
2023-09-24	n/a	exe	4ca25082d2172b7dee0dd62afcd9793db79ac0fdcd920a6b0bfd5f9668bb16a5	n/a	RedLineStealer
2023-09-24	n/a	exe	27229b15df5684dca7f2cd936d5d66486047d503640a73dfb544d9821afd556a	n/a	RedLineStealer
2023-09-24	n/a	exe	d74813cd3bb43a203795802b6364a6b7fb99165314d74c751e634cf6e00df511	n/a	RedLineStealer
2023-09-24	n/a	exe	965bd63b929535575a7c9c2cd7f1b96aba86063ea210ac0b3e73faf103d1550c	n/a	RedLineStealer
2023-09-24	n/a	exe	f9608cf63603a751a5a11184553f7ff4ae7e0b146d459ce5625d33259b854290	n/a	Healer
2023-09-24	n/a	exe	b9e0429296851723dcfa49d2919b30cc811b67bd9de2d537de8c1948015889ff	n/a	RedLineStealer
2023-09-24	n/a	exe	e5eb7faa4b2f9b410813a6a7a13a9dc9516185b0d149ccf3afe9299e33f779c0	n/a	RedLineStealer
2023-09-24	n/a	exe	de472f9015eb4c73d4017d1c4c10962372cc72ea5750fdc68aaaf7396fe244a6	n/a	Backdoor.TeamViewer
2023-09-24	n/a	exe	1686a3b388a8ead281159c372bbccac2fa796d547b8aaa6f5ccd9a94d783bf6b	n/a	RedLineStealer
2023-09-24	n/a	exe	df7e285ea6b9e1a58685b9eddfa4440eafc60e7819af4eed2354d7335784b8a6	n/a	RedLineStealer
2023-09-24	n/a	exe	a5712f474682adc1c3c3ab6044aa65ac3531e9ef2fcf8fb81491e4fd72167532	n/a	RedLineStealer
2023-09-24	n/a	exe	a503fdda1bccda3effe3f0b01135db438342faaf8259d48bb4e7912d7ee8445e	n/a	Backdoor.TeamViewer
2023-09-24	n/a	exe	28a9a6a024a909ca58ea8f8a63b58c43d5bd58183394ea8ae3e79131a2e7d2e2	n/a	RedLineStealer
2023-09-24	n/a	exe	21a15a84d1d077078c0e5e4068bad76fc88405f0ba2c556d1b36b47b04251014	n/a	Backdoor.TeamViewer
2023-09-24	n/a	exe	cb25b2bbca4406677b31751d8419b29b4c97e593ea4aa9eb68868f3f4a98f1d4	n/a
2023-09-24	n/a	exe	94103c90cd7762b94392f8823ba7dc9c0560e85164a7b97a45aaa02e98810998	n/a	Backdoor.TeamViewer
2023-09-23	n/a	exe	46d75f86803b136e9654979bad6a50ab8441725cc35da7687314b1d7c1b2006e	53.52%	Backdoor.TeamViewer
2023-09-23	n/a	exe	98d483844bf481dc9b86f52ad8a0a50a3683c3dd98aef7c475cece6f6fc775fb	n/a	RedLineStealer
2023-09-23	n/a	exe	97f317f95f936e4f1169048bd33e53a779f12a42647e41d7eeb71d3d601b214a	n/a	Backdoor.TeamViewer
2023-09-23	n/a	exe	1fb435fc2ca0d321fdeb0db74e46700cf6e1909a7d9243ffe45b24fcea9bc80b	n/a	RedLineStealer
2023-09-23	n/a	exe	41f742b31e319a6e645dc1fae3f2ca507efd6cdd12c36a5a86f84f4f746b3415	n/a	Healer
2023-09-23	n/a	exe	fce70f2a6b4c4e9aecbd10ff68e495e45861b7e86038517a8c17bc0c7369ab12	n/a	RedLineStealer
2023-09-23	n/a	exe	2859265c38e2c246d998c7126acc83a60511e864e942edda3975130228e00367	n/a	RedLineStealer
2023-09-23	n/a	exe	15522b5539cc52ee228e0e92de854d5e154d095dfb933849c80de65e96271b06	n/a	RedLineStealer
2023-09-23	n/a	exe	a41834478ad7fd4d639c995d904833e6166e2ff74714aab20ddecdbe77a0689a	56.34%	RedLineStealer
2023-09-23	n/a	exe	2d33b8be27d54d14ad71b53e975fc770248d9382f8f941a5ef7b489bc98bb561	n/a
2023-09-23	n/a	exe	323fa84d295a974216eef706a90b2c3ed6e274b5533c7daa2994dd0f6d6e8c02	n/a
2023-09-23	n/a	exe	1f9df20c90dd4b800296871d834f74729f173806bfad1377e555ddd8b8f0bc05	n/a	MysticStealer
2023-09-23	n/a	exe	f45582567297a60d90bca6b0a9f78e51512b0a28df7312392f9f686447c8bb9c	43.66%
2023-09-23	n/a	exe	41c8857bea496f71e314ba368b08e9575093f544f84a3517f7391bb7e0bf956b	n/a	MysticStealer
2023-09-23	n/a	exe	1319d7501351f1023273cda386fbde4dea62cb7de9b3a2a5b38f5e7f51407191	42.86%	MysticStealer
2023-09-23	n/a	exe	43c7677f1489dba120c8ab5003964bdb6eeda0cb36b08d384a9b153c107f2079	n/a	MysticStealer
2023-09-23	n/a	exe	f0f7572cdbab58195b61aa03f9d9ed2dec59c07c9967c368c2c82096c21d907e	n/a	MysticStealer
2023-09-23	n/a	exe	766939e0d1462a84184901130bb3931353d2a76e3ab0940e521988f526860e0f	n/a	MysticStealer
2023-09-23	n/a	exe	41ce9c30a7b8151eab8601b293021e34f103e7c20f8dee13f886491b6ef4d451	n/a	MysticStealer
2023-09-23	n/a	exe	6c5f17e80a5183f1fb554d943ad79e3f52c0dd1311faab6c8f91b9ae0ab6829d	n/a	MysticStealer
2023-09-23	n/a	exe	53de21dc0b87287566ffaa1e09c391393c92abe2a71e1798a169dfc2df5f7bf2	n/a	MysticStealer
2023-09-23	n/a	exe	67ac22da4d436e31f287221ebd20c6a46843b0e01415d0e725a9859cc8082d3d	n/a	RedLineStealer
2023-09-23	n/a	exe	b5bb1d4b200db87d7b9da2b2ef2130d30d5712ae0f5d795b847e56d47529d247	50.70%	Healer
2023-09-23	n/a	exe	6792df48fd7a2ee1e5a1d9aae22e9a1f4a521791f6b6d37df89487b50bebb1e2	n/a	RedLineStealer
2023-09-23	n/a	exe	773f453d2bd47852fe6fef61a0e75ff918558eaed10f5afe974b2b9f6083f5fe	46.48%	RedLineStealer
2023-09-23	n/a	exe	83b39ec52ac14e1e603073c6fe351dfeb73c8cf2678f20d02f06beca0eb4c37f	50.70%	RedLineStealer
2023-09-23	n/a	exe	0f5c0576191a99ba18397101b191ea1cdf312e46d8b97e497fe0aa03568f033d	n/a	RedLineStealer
2023-09-23	n/a	exe	0f1673202917f1acc13087317ef94365d70d016be1a42a194c59621fbade220f	n/a	RedLineStealer
2023-09-23	n/a	exe	bddb2a3fd57b93e446c339b95065dab7f5ecac5043237a0da6a61f9996067d99	n/a	RedLineStealer
2023-09-23	n/a	exe	b4a88c6595dd09dbdd251347e6a2e06258c03f6a50b7b773ddbc74fda6b728e1	n/a	RedLineStealer