URLhaus Database

You are currently viewing the URLhaus database entry for http://robertcook.top/timeSync.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2727788
URL:	http://robertcook.top/timeSync.exe
URL Status:	Offline
Host:	robertcook.top
Date added:	2023-11-04 11:05:13 UTC
Last online:	2023-11-05 20:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	andretavare5
Abuse complaint sent (?):	Yes (2023-11-04 11:06:05 UTC to info{at}iqhost[dot]ru)
Takedown time:	1 day, 9 hours, 11 minutes (down since 2023-11-05 20:17:40 UTC)
Tags:	dropped-by-PrivateLoader MarsStealer Stealc

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-11-05	n/a	exe	c9695c3eb5eb3547a489c484f0eafdbf8ae0ed503b89ae4a9fc47fff00bf3009	n/a	MarsStealer
2023-11-05	n/a	exe	b2880d24019913e08f0abb9b7f6595faef75de3199269f092e315e13bea5e099	43.06%	Stealc
2023-11-05	n/a	exe	2bee29bac294615a9d1b613ba775972cda26781938e3ae3aa60ad9737f1fbde8	47.22%	Stealc
2023-11-05	n/a	exe	9d399e8333943a129b66f9572a3d2ebd0e46725d22171e347c05677ce388cc92	n/a	MarsStealer
2023-11-05	n/a	exe	3b12caa2b17e1378c05477e1f2e3481b3a9cb638024eb5705bf5298f79fd70d6	45.90%	Stealc
2023-11-05	n/a	exe	0e6a19b3bc5992a4b87006701bc2ef7aced896a8791a5386700f983db6d5039d	50.00%	Stealc
2023-11-05	n/a	exe	f7e1a90ee2e6c56f816c3798e793af98da9f976dfca46c167fb01b7b897b8760	n/a	Stealc
2023-11-05	n/a	exe	aff40728907a20084c4762db4b6f305dc3e56695a538b92d8a418b0b29821522	47.22%	Stealc
2023-11-05	n/a	exe	22129d7e9e05b24fa1b6e10177a3e2f793f478f147f6d0688f6c85806d434341	45.83%	MarsStealer
2023-11-04	n/a	exe	46833ca0a3bacd5a06af6ead4ad2915d7fc0bd92af8c1ab32b453d55bf7dbdf9	n/a	Stealc
2023-11-04	n/a	exe	7f26094136b4d0d2ca6fb20a68a6c6d9c20bcb7dac90f58b5a2f810b29c25523	n/a	Stealc
2023-11-04	n/a	exe	3811ad7ee0404a5cece43518bc9c172e876c6af944a3c716436115b1c72a11dc	34.72%	Stealc
2023-11-04	n/a	exe	0e0048728bb3a7cd7adb96810918aad5192388707fd2c94a02138bb9a724f430	36.11%	Stealc
2023-11-04	n/a	exe	d6eabb83f35e3577eb994fac432bb4334d579393249bdd6cbf39f71bd3785d59	37.50%	MarsStealer
2023-11-04	n/a	exe	2ab87c14730e6d85b5f71395c6f228acdc70d6a3ee7078eefa53d206b64c4e25	36.11%	Stealc
2023-11-04	n/a	exe	56a6193fa150519df0ef9043094a2235855d6cb3fca36a4bfcb73cc57e800831	37.50%	MarsStealer