URLhaus Database

You are currently viewing the URLhaus database entry for http://77.91.68.21/mine/nocry.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2746470
URL:	http://77.91.68.21/mine/nocry.exe
URL Status:	Offline
Host:	77.91.68.21
Date added:	2024-01-05 05:28:06 UTC
Last online:	2024-01-10 20:XX:XX UTC
Threat:	Malware download
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2024-01-05 05:29:04 UTC to abuse{at}yeezyhost[dot]net)
Takedown time:	5 days, 15 hours, 1 minutes (down since 2024-01-10 20:30:22 UTC)
Tags:	32 exe Rhadamanthys RiseProStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-01-10	n/a	exe	dcdb4f46f540daa74bfde5a234845e54e2c5716152a761c03e5184a8a4640f78	n/a	RiseProStealer
2024-01-09	n/a	exe	f874edee42957c6321834d8fe84a964a8a672ec57d93afbec3eb3461b4fd6a77	n/a	RiseProStealer
2024-01-09	n/a	exe	5c9899dbb45cb61f563761dd2a7f8a6b0fe311502edcea4db7a011d9456cca5d	n/a	RiseProStealer
2024-01-08	n/a	exe	1a6a290d98f5957d00756fc55187c78030de7031544a981fd2bb4cfeae732168	n/a	RiseProStealer
2024-01-08	n/a	exe	f0eb84597df5f82da1fb5981fb5e4249196bb108223c808c855b863291bda513	n/a	RiseProStealer
2024-01-08	n/a	exe	a778a228194dab71ad7c70e332212142073df5bff40d9203d9a7e47e7d1ade09	n/a	RiseProStealer
2024-01-07	n/a	exe	a3a17f2e647709c79eff7bf5f7f4d8a58cb5d78f9b184e91bc28b573da56ae89	n/a	RiseProStealer
2024-01-07	n/a	exe	c8036552ee5aa9ce1c45475a550bb73c67a4b767befc158d4e5212aab67aaf94	n/a	RiseProStealer
2024-01-06	n/a	exe	4ba8be19b243c1ddcefe359a35c8bd3f8969cae00fffe575a44f60f98f473bad	n/a	RiseProStealer
2024-01-06	n/a	exe	bf3613dd6c88da9416679076dc61d215180edf226ea363389b9992d5501a14d6	n/a	RiseProStealer
2024-01-06	n/a	exe	b8b247fee525fefa4ed375f11dfaf9080f95251736cf41127f39eb49dc96bde1	n/a	RiseProStealer
2024-01-06	n/a	exe	e34f35f734834274fd3e1e97816b9c249bd6760260222961ef1cb538cbb835ab	n/a	RiseProStealer
2024-01-06	n/a	exe	d248fd99ca4fe5a3a0b41829aacf20c91bf18c6b991d7f0061c1fe3716626578	n/a	RiseProStealer
2024-01-05	n/a	exe	f253f0fd695990be924b215a76e8207b00e729471aaea3973fde7cdc5c1a05f5	n/a	RiseProStealer
2024-01-05	n/a	exe	5869f52973c259389b302074c98b95068044c557c5f3dc50d3412b4f3108780c	50.00%	Rhadamanthys