URLhaus Database

You are currently viewing the URLhaus database entry for http://5.42.64.10/api/files/software/s1.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2713647
URL: http://5.42.64.10/api/files/software/s1.exe
URL Status: Offline
Host: 5.42.64.10
Date added: 2023-09-24 07:04:06 UTC
Last online: 2023-10-08 19:XX:XX UTC
Threat: Malware download
Reporter: andretavare5
Abuse complaint sent: Yes (2023-09-24 07:05:16 UTC to abuse{at}lethost[dot]co)
Takedown time: 14 days, 12 hours, 11 minutes Bad (down since 2023-10-08 19:16:26 UTC)
Tags: DanaBot, dropped-by-PrivateLoader, gcleaner, RaccoonStealer, RedLine, RiseProStealer

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
