URLhaus Database

You are currently viewing the URLhaus database entry for http://15.204.49.148/files/Installsetup2.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2738073
URL:	http://15.204.49.148/files/Installsetup2.exe
URL Status:	Offline
Host:	15.204.49.148
Date added:	2023-12-06 18:33:11 UTC
Last online:	2024-01-31 19:XX:XX UTC
Threat:	Malware download
Reporter:	andretavare5
Abuse complaint sent (?):	Yes (2023-12-06 18:34:05 UTC to abuse{at}ovh[dot]net)
Takedown time:	1 month, 26 days, 1 hours, 13 minutes (down since 2024-01-31 19:47:45 UTC)
Tags:	dropped-by-PrivateLoader fabookie glupteba LgoogLoader Rhadamanthys Smoke Loader Stealc zgRAT

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-01-30	n/a	exe	86674590d311280ebafc9d0ea35a17c5f7a7d6edc335baaaee38309c57c73a77	n/a	LgoogLoader
2024-01-30	n/a	exe	84f9f404de26cf9030444c669ade0cae3fcb2edd98d74a2e9bf2e5ae5712da87	n/a
2024-01-30	n/a	exe	5bb1fbf226f1160346f62cca7f2ef06657e6aabac6b6c38c0a4a2f3744312ce4	n/a
2024-01-28	n/a	exe	fb2b3cee6ed4ce327e57f631befe82f24499a9a227371f351586daa9d92640ca	n/a	Stealc
2024-01-27	n/a	exe	42612f9ca7bda45342938a2e95394aadbe8dc4886be35aa4ed9bf13ab40de53b	n/a
2024-01-27	n/a	exe	17ed11df8f69250fe2b7447a7c139cb59faa9318f550e27b7f1eaff5ec59fef6	n/a
2024-01-23	n/a	exe	8f1db790b8dcd0cfa72966ee8702bfd44c52600a290e40285b21bd6f356c12c5	n/a	Fabookie
2024-01-18	n/a	exe	6ed3de614155bf8fc83672c2e088a2b8e3edd9aa01355455802b8b81ce7be0ec	n/a
2024-01-13	n/a	exe	b5a550031245113f336edee9de44a8e5473eb4dd02c4201566a54c129df3f000	n/a	Fabookie
2024-01-03	n/a	exe	455a6a7f15ba86a0fe02ae1d8beff7a3dc8e858380244a45141054b0d330135c	n/a	zgRAT
2023-12-31	n/a	exe	cad66abae32e9de58d1538c7a992a350661f5a7d5c4774605c75183a038c8a08	n/a	Glupteba
2023-12-29	n/a	exe	f03426437ef56b9a40f7bb9ffced80201a8d1864b3fa943e827c2d893c92fef0	n/a
2023-12-27	n/a	exe	9e8fd63fbf58938109c336c047af0e0bd059b3b7840da0ae1577b4ba9fd20599	n/a	Stealc
2023-12-25	n/a	exe	7e8958eccdf94838193099c458dc96c68ac7d07f14bb28e99e2ea0e5c83cfb03	n/a
2023-12-24	n/a	exe	5ece35d565cc0b5274c6ce8cf9a782c9c8e07baa2296267454fbc325d194a1cd	n/a	Stealc
2023-12-23	n/a	exe	ff3bd8bcbd9f93c0b48fac3dad59735db9db2343da3126bc836a3134b563924d	n/a	Smoke Loader
2023-12-22	n/a	exe	20611e98cfa1eb933a6f90afaa222b832637a27015251fb40d2fc8fd6157f7a5	n/a	Stealc
2023-12-17	n/a	exe	a8cc276de2e2a2310a86a5bd2649554f04d6d2015bb3a77370c1e37e1d27c97c	n/a
2023-12-16	n/a	exe	f3c2557bd0d203790395065d0912947cface0eef8c18132405be7a8b1fea252b	n/a
2023-12-16	n/a	exe	cc8b87ae334d636c7bc03c02de55e6489e193114266a8dc997c50d8e9e0d24e3	n/a
2023-12-15	n/a	exe	b72aad1bb85af2b585a9b91eabe2cba281d21fe4b9f9ff78e75f6753e994d990	n/a
2023-12-14	n/a	exe	02a5992ebd2c53892c3f855999aa1d6ab6ccebb3b104e3b50a967d0a8b4bc42e	n/a
2023-12-14	n/a	exe	65853f722723f376be8509a5e134b3499a5fb6cd407e638a6049cddc4a6d0527	n/a
2023-12-13	n/a	exe	a9b2d057ae7bcc20f1cf8c059f0dfdf4d6d1a7d8af58c406795595311c759166	n/a
2023-12-13	n/a	exe	1cdfe75e001473ef46290dc86ee6b54bb6af93dd8b2b8a8b8cf9eb12dbaea154	n/a
2023-12-12	n/a	exe	6e63a47d125df9d879cb2ac15604284b38fefd4235eb493b7c62f4d0e59e1fcf	n/a
2023-12-11	n/a	exe	33f5cbacef8878e3e922bfb0a651750ff873a91ac4d42a742e187ef8f789f5c1	n/a
2023-12-10	n/a	exe	2772403df32adec199765d4a7119d17aa066dc21d583aa7eac8f5d71571fe3a3	n/a	Glupteba
2023-12-10	n/a	exe	0acc5eca8860dc87070e066f3258296228439b35bdb9fbc02185fc861a97475f	n/a	Stealc
2023-12-09	n/a	exe	b7283eee6896c605fbaf0c06c8c39d0d7bb43df0fcec72e7d63873732cfd4f8e	n/a	Stealc
2023-12-09	n/a	exe	51d8d1c7a0b2aa618b476ff090fe95509c96241a0a7bbfe04663b24c1e89c6f3	13.89%	Stealc
2023-12-08	n/a	exe	e0c8662ec6617b3f32e98860b382dd9a626952ec1845459469ba235ed13b53d8	20.83%	Stealc
2023-12-07	n/a	exe	08350103990b4a2c500792ff535bbda6019c06dc00e3a2c8f7d42da234f94531	24.66%	Stealc
2023-12-06	n/a	exe	686a9348e5412fe8d386b0e44723d8b7b538399e001741a628babf64d15d6a62	27.78%	Stealc