URLhaus Database

You are currently viewing the URLhaus database entry for https://15.204.49.148/files/InstallSetup2.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2743800
URL:	https://15.204.49.148/files/InstallSetup2.exe
URL Status:	Offline
Host:	15.204.49.148
Date added:	2023-12-23 05:58:07 UTC
Last online:	2024-01-31 19:XX:XX UTC
Threat:	Malware download
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2023-12-23 05:59:05 UTC to abuse{at}ovh[dot]net)
Takedown time:	1 month, 9 days, 13 hours, 47 minutes (down since 2024-01-31 19:46:57 UTC)
Tags:	64 exe fabookie glupteba LgoogLoader Smoke Loader Stealc zgRAT

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-01-30	n/a	exe	86674590d311280ebafc9d0ea35a17c5f7a7d6edc335baaaee38309c57c73a77	n/a	LgoogLoader
2024-01-30	n/a	exe	84f9f404de26cf9030444c669ade0cae3fcb2edd98d74a2e9bf2e5ae5712da87	n/a
2024-01-30	n/a	exe	5bb1fbf226f1160346f62cca7f2ef06657e6aabac6b6c38c0a4a2f3744312ce4	n/a
2024-01-28	n/a	exe	fb2b3cee6ed4ce327e57f631befe82f24499a9a227371f351586daa9d92640ca	n/a	Stealc
2024-01-27	n/a	exe	42612f9ca7bda45342938a2e95394aadbe8dc4886be35aa4ed9bf13ab40de53b	n/a
2024-01-27	n/a	exe	17ed11df8f69250fe2b7447a7c139cb59faa9318f550e27b7f1eaff5ec59fef6	n/a
2024-01-23	n/a	exe	8f1db790b8dcd0cfa72966ee8702bfd44c52600a290e40285b21bd6f356c12c5	n/a	Fabookie
2024-01-18	n/a	exe	6ed3de614155bf8fc83672c2e088a2b8e3edd9aa01355455802b8b81ce7be0ec	n/a
2024-01-13	n/a	exe	b5a550031245113f336edee9de44a8e5473eb4dd02c4201566a54c129df3f000	n/a	Fabookie
2024-01-03	n/a	exe	455a6a7f15ba86a0fe02ae1d8beff7a3dc8e858380244a45141054b0d330135c	n/a	zgRAT
2023-12-31	n/a	exe	cad66abae32e9de58d1538c7a992a350661f5a7d5c4774605c75183a038c8a08	n/a	Glupteba
2023-12-29	n/a	exe	f03426437ef56b9a40f7bb9ffced80201a8d1864b3fa943e827c2d893c92fef0	n/a
2023-12-27	n/a	exe	9e8fd63fbf58938109c336c047af0e0bd059b3b7840da0ae1577b4ba9fd20599	n/a	Stealc
2023-12-25	n/a	exe	7e8958eccdf94838193099c458dc96c68ac7d07f14bb28e99e2ea0e5c83cfb03	n/a
2023-12-24	n/a	exe	5ece35d565cc0b5274c6ce8cf9a782c9c8e07baa2296267454fbc325d194a1cd	n/a	Stealc
2023-12-23	n/a	exe	ff3bd8bcbd9f93c0b48fac3dad59735db9db2343da3126bc836a3134b563924d	31.94%	Smoke Loader