URLhaus Database

You are currently viewing the URLhaus database entry for http://galandskiyher4.com/downloads/toolspub2.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2717646
URL: http://galandskiyher4.com/downloads/toolspub2.exe
URL Status: Offline
Host: galandskiyher4.com
Date added: 2023-10-06 12:07:07 UTC
Last online: 2023-10-11 09:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: zbetcheckin
Abuse complaint sent: Yes (2023-10-06 12:46:04 UTC to matrixllp{at}skiff[dot]com)
Takedown time: 4 days, 20 hours, 56 minutes (Bad; down since 2023-10-11 09:42:26 UTC)
Tags: 32, exe, RedLineStealer, Smoke Loader

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
