URLhaus Database

You are currently viewing the URLhaus database entry for http://77.91.68.21/red/line.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2744342
URL: http://77.91.68.21/red/line.exe
URL Status:Offline
Host: 77.91.68.21
Date added:2023-12-25 11:08:12 UTC
Last online:2023-12-25 18:XX:XX UTC
Threat:Malware download Malware download
Reporter: zbetcheckin
Abuse complaint sent (?): Yes (2023-12-25 11:09:05 UTC to abuse{at}yeezyhost[dot]net)
Takedown time:7 hours, 8 minutes Good (down since 2023-12-25 18:17:26 UTC)
Tags:32 exe LummaStealer RiseProStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-12-25n/aexe 35ee5ad4386e070c852d1072928968ba57579d58dc809e0ebf80dbf0ee54c2fan/a RiseProStealer
2023-12-25n/aexe 21f6bc86631d2976de8209f029186b7c0960ae3664a2e05a3bc5cc3d8bdc5951n/a RiseProStealer
2023-12-25n/aexe 345a66c8d9f8b576cc660753a264292604ec4013d1e118c2fb0583d36886e0f1n/a RiseProStealer
2023-12-25n/aexe 4ed4c6b8d7e4bad3a0cd623fe022f0a3ab7409485244a9858a6abada953182b5n/a RiseProStealer
2023-12-25n/aexe be61bac58eb26c19fab79d50010c499531d2d1653e49feebdafa3f80da528a99n/a LummaStealer
2023-12-25n/aexe e9c5ffcddd960dfc9a07f5758eda5393b2ac22bb8651ea272d199f995cfe023an/a RiseProStealer
2023-12-25n/aexe f64cf5630884f924657b657856fd123368e7a75ef5e7dcda20463864ea9857efn/a RiseProStealer
2023-12-25n/aexe 99d4f053f6ae7a87007bd853fa0be0398166be05b952271443c0c5e11556f835n/a LummaStealer
2023-12-25n/aexe 2fe1c7f6fd2a372cbee37cea22872936df4fe02d94cbf75f0115167b2ee14982n/a RiseProStealer
2023-12-25n/aexe a5b54a030b8c657648bb5023453f97b60a933eaee02024194b8ee5bdaa23a728n/a RiseProStealer
2023-12-25n/aexe fb64fbe059b041aff37fffed6ce38795c9ad655e547db63d68199fcd5eec3ca6n/a RiseProStealer
2023-12-25n/aexe 66c3e5b7afd05636fa049062541cf999a08363357877ad95ce893a1459a89b9bn/a RiseProStealer
2023-12-25n/aexe 9c0394677625494aab347a66e94296645cf202760c5e9c27fb17bc057ecad025n/a LummaStealer
2023-12-25n/aexe e9cf653ca2ccbd7aefc1aa375d11490b93bf6c18e2c269f17147a16478cdd29bn/a RiseProStealer
2023-12-25n/aexe 775e856d563aac1ad1fbbca0e2f41bded60ed6628ffe0950aed116c68915ba8an/a RiseProStealer
2023-12-25n/aexe 29a234257d81f7de5574a908568bd43f5d686a028909e9dd31b4cbf6d9bff01dn/a RiseProStealer
2023-12-25n/aexe 46606f98065aca4b4b14c2c749fdf688c58e85d4ae70be540d04201ac888f518n/a RiseProStealer
2023-12-25n/aexe 8e3d3c661efd2642dc65aedb626d82be9c35aade57cbc01710566e4b86baf0d2n/a LummaStealer
2023-12-25n/aexe 8031c379645aa93dad512fbc4230d63bde31ccf4ed119145b861212b1e81e5b0n/a LummaStealer
2023-12-25n/aexe 6e18c0aac85e435eced23988b5c0365e52840f244f91b0aba4520d0a3c42ea64Virustotal results 67.61%RiseProStealer