URLhaus Database

You are currently viewing the URLhaus database entry for http://tomwallner.icu/syncUpd.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2735157
URL:	http://tomwallner.icu/syncUpd.exe
URL Status:	Offline
Host:	tomwallner.icu
Date added:	2023-11-25 04:28:36 UTC
Last online:	2023-11-25 07:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2023-11-25 06:54:05 UTC to abuse{at}simplecloud[dot]ru)
Takedown time:	3 days, 5 hours, 54 minutes (down since 2023-11-28 10:32:46 UTC)
Tags:	32 exe MarsStealer Stealc

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-11-28	n/a	exe	05d71b72700168dae4fb32608a7fddda752450ec505a66427d3ea754ee558d73	n/a
2023-11-28	n/a	exe	378627cc0c16e69b6a38a07a10f28309e72dfba6934281ebe3097f3de6f98bef	n/a	MarsStealer
2023-11-28	n/a	exe	fbfad384a7eee6d993c8ccf9319d877a1d66a3a800555ccdb1415b1ecf5561ce	n/a
2023-11-28	n/a	exe	52d40579de934fa6bcafcc0ff3aa5d91b0a8e0e8315a5dd21bc0a8b2acb353bb	n/a	Stealc
2023-11-28	n/a	exe	7e6bc3e9eca1a4e48a99f4515625e80b315d2f59c67aded93552fa1ac53d9d3e	n/a	Stealc
2023-11-28	n/a	exe	17f07c0ac4ab2b76c83dc99dffef121491d75e3d20924f4e13cec2911a89b2d7	n/a	Stealc
2023-11-28	n/a	exe	739b987b631ce71d9f7bd5d14e6b90e455eee530afb1a9da99e5db6e46e0b22d	n/a	MarsStealer
2023-11-27	n/a	exe	dfd340417fd62fd125a02adfc8a1eb2710560cbaeb40fe739b604a61d0492eef	n/a	Stealc
2023-11-27	n/a	exe	276a494257d6f269ff804855f69819a077a5b803723006b97c878050f3ecfe37	n/a	MarsStealer
2023-11-27	n/a	exe	be38b4ae39481469300313d29ff7cdc5119a8715f6c3d761edb3f6268a25ace6	n/a	MarsStealer
2023-11-27	n/a	exe	7746ef4e83466edadcdf488a92a9f402ebb0a85699193faa820cdd8c31b3a46f	37.50%	MarsStealer
2023-11-27	n/a	exe	281fc0a9e923fe6437cd859129f2a6ccd1b800003def3969084ec95eb2d1ca2c	38.89%	MarsStealer
2023-11-27	n/a	exe	afbc810d7c0e77e8324975689d6e9546b5ac7e2eab6bb244ef594383f4fb79db	40.28%	Stealc
2023-11-27	n/a	exe	5fbf551bb9c2fe4824e7bf70b3b68c9b969cf14d8e0e618db9ddebbe9d3b9c7c	45.83%	Stealc
2023-11-27	n/a	exe	090004e81007ac852dacb163e2109086e471ef1902c2454fbf9e287e6ba6829f	n/a	Stealc
2023-11-27	n/a	exe	1241aa835ecac8a2d31c40436a38f757a5a213b790684edb42ee1235b46a9749	41.67%	Stealc
2023-11-27	n/a	exe	4f9965ffa4c2eb107233153ec81642cf068f1d1061704081f0c5487e95968307	n/a	Stealc
2023-11-26	n/a	exe	4253324c8e70c2ce1d4c4f7013b1f7d454b8f9ad6d8daf3142ce150e01093aea	n/a	Stealc
2023-11-26	n/a	exe	78a2bba2b5340b176b67cb9c6d9fd1c984a4bb4d0ee6a041256b4dc733acefb2	43.06%	Stealc
2023-11-26	n/a	exe	201129beba2cd919f5684d365e95a83cdeb5e1b7f407ae63a3bad3d0f6e6bd42	41.67%	Stealc
2023-11-26	n/a	exe	1aaae4cf30e28d2bfea3d35f7f88f5258aa6fbb7bc87bb662bbb0aae1f7f7fa9	40.28%	MarsStealer
2023-11-26	n/a	exe	06efb9f04aa620775acf82f5f8cbe09c6d3d35e3740c8bc7068f2a72b2923b3e	n/a	Stealc
2023-11-26	n/a	exe	112e5f2e5c1643920242b652487945e7fba17ff98e864dbad5b2535045d940c5	50.00%	Stealc
2023-11-26	n/a	exe	d0b64df818cec79d629e729f725cbf4ed071da6fe4b3b040240b2e044868896c	n/a	Stealc
2023-11-26	n/a	exe	a4c64edea682e7e5c213f735a270db10a71a8f4c9a0bfe6b2a93f778e327bf88	38.89%	Stealc
2023-11-26	n/a	exe	8f2cbb17f7a036d63725c23212b14b4cb4ba51bbd5ff171ee36975c85381c33f	n/a	Stealc
2023-11-26	n/a	exe	847d0b4575b0c99e33d08eb0622faf2b784d20df07ae60f7ee50f6237b44464f	n/a
2023-11-25	n/a	exe	6fe632c42fffa6b2bd4c0393f7fecc7a79d4e20c70ecdd6f1bf5c8da0dfece56	40.28%	MarsStealer
2023-11-25	n/a	exe	484da5003c2635306e7fed565b9b0f53186ccaf21888b4050ab5ee3116c09c4e	41.67%	Stealc
2023-11-25	n/a	exe	7a1c58744437d69cec8e0e632c386b9ae03a9ca53419a11da75c66ad69473a4a	n/a	MarsStealer
2023-11-25	n/a	exe	ac52a59fc88a6ec3cb00e0ef0e20cfe8df14a85b46b306e246fcc7a8c4212227	n/a	Stealc
2023-11-25	n/a	exe	f5ca6082e4209cf1d051a97d5783202dd0547f91d14d745728c103178b413723	54.17%	Stealc
2023-11-25	n/a	exe	1004e1aa6d023b53325d5d8f9aeec8d7e13476b8e3810ea1584641a134da5619	n/a	Stealc
2023-11-25	n/a	exe	b85db01b8bdfbd02ff27e9a69b7da8030ffaba034ee275fea247c1b1289ad0cb	47.22%	MarsStealer
2023-11-25	n/a	exe	7729e5b688bdac64950e3245bcc28e027c34a4528070cc014b8e3fc061ae56b9	48.61%	Stealc
2023-11-25	n/a	exe	fc640eccc218468f096e9d977b7d2c94bf56877089b64d4f3f56ed894dda0cdf	45.83%	Stealc
2023-11-25	n/a	exe	49b9bed8c75d31a496808f435537937b8d7a08e86456ceae55a59c88a660a3bf	43.06%	Stealc
2023-11-25	n/a	exe	6b35b46a864d2ee03b85ba71e118fd1f3bf9e820fcc5d6aa5a7b745d75472009	47.22%	Stealc