URLhaus Database

You are currently viewing the URLhaus database entry for http://15.204.38.209/files/InstallSetup2.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2754067
URL:	http://15.204.38.209/files/InstallSetup2.exe
URL Status:	Offline
Host:	15.204.38.209
Date added:	2024-01-31 09:00:14 UTC
Last online:	2024-03-11 07:XX:XX UTC
Threat:	Malware download
Reporter:	Bitsight
Abuse complaint sent (?):	Yes (2024-01-31 09:01:19 UTC to abuse{at}ovh[dot]net)
Takedown time:	1 month, 9 days, 22 hours, 44 minutes (down since 2024-03-11 07:45:44 UTC)
Tags:	Amadey dropped-by-PrivateLoader glupteba LgoogLoader Stealc

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-03-09	n/a	exe	3d5704231952d0924f21dfd32c9459ecd2ebe553c71cc6e39415eb23c5c6ff9e	n/a	Glupteba
2024-03-08	n/a	exe	717b4054d59508543d1e0e42da078e17fe792eff7082a4327e388871b3f42c49	n/a
2024-03-07	n/a	exe	6d6fca20188496b00e37bacf79f7ea0f213d5dec1532610ce998ecebf802abf5	n/a
2024-03-06	n/a	exe	0edb83a46ed4e7bdc4580e833cf18afa20ad49046bfcfb357ec6aa48fb253d24	n/a
2024-03-05	n/a	exe	ff0be26c6096889e308db765713867aaf5ce8b343f53fe0570fff8b62e81ac1f	n/a
2024-03-01	n/a	exe	820227f6688e8ad6589c520ac92bb4800d4b5f212fe29ed1b9568c953aeaab31	n/a
2024-02-26	n/a	exe	6a926a92c414ab4c24a7bc5971c72beb8834ff858183862a568838f3d2f68250	47.22%
2024-02-24	n/a	exe	42afece193b0655d0e769ca271d37d978c6265dc6404b679e3150d15225b2a60	n/a	Glupteba
2024-02-23	n/a	exe	1140e139bbdfd915c3d86eadcd65aa8d643e4a0aa0cd5d9e536b1b8c528ae4e6	n/a	Stealc
2024-02-22	n/a	exe	be59ec41d5f9b15eddb6a39d8d4df2b5973d2fc21fc0947270eb62842662e32c	n/a	Stealc
2024-02-19	n/a	exe	de08f713d5ba090928a648dfbea989c87b60c5cc97b3725016d1a9c816ef3735	n/a	Stealc
2024-02-17	n/a	exe	b2c4054a46531e974d57a7a35d00b69e1c5a2db1552207ce68b458b9bcf951f0	n/a
2024-02-16	n/a	exe	4c88b9bbbfec8636ae20c5f208bc424200ed2633dec92043da5a6f13e3b987eb	n/a	Stealc
2024-02-16	n/a	exe	42468a96bd32b71d74024075cbb9668c536f5e3fad90ff751b03487a90de8add	n/a
2024-02-15	n/a	exe	9671f7d02ac4b9e489165e88b4458fb4a40a1d8afae63b0cd809b8d26b2ec766	n/a	Stealc
2024-02-13	n/a	exe	fe85b4ea945caea2549ad04ffb788dd1064583d464ca423d74e529022482bc6e	n/a	Stealc
2024-02-12	n/a	exe	d033cb58a4f49daa2129e5cfcaa04d4a584c7752ea56da4a743f5de268502dc1	n/a
2024-02-11	n/a	exe	c4290abc9b05d22cb4112768759acf854f881d08e697528fa2549740f89b9d75	n/a	Stealc
2024-02-10	n/a	exe	0cf7a9e05282b803bad0e5b594281516dc1a1a846f43fe0199ba2cd87230f534	n/a
2024-02-09	n/a	exe	dceda1012c6ef4d88f857a4bf15ba83fdedc26013ca9c7d8aa1902323fd33112	n/a
2024-02-09	n/a	exe	0866b0ada3b64a863d7bbc267d35a308102d3944c08b10ee1cc798a369901060	n/a
2024-02-08	n/a	exe	98e2dc34e5f4937785acc834c4c8a1cb1434d3ae0b6d8b85b9d8877ecd8971f3	n/a	Stealc
2024-02-07	n/a	exe	436ec22e51f6edc257d35099f9e9d5a2ac5f517f286ce23582e4e6798116f190	n/a	Stealc
2024-02-06	n/a	exe	b665c83e4e99505413956aaa726ecf50a9b564d8d82d509542c71ed1d2575a11	n/a	Stealc
2024-02-05	n/a	exe	a4dd7691d3c288e866d9bf8c33d79469872d76b1c5eb3e29f76999c2e79a060d	n/a	LgoogLoader
2024-02-05	n/a	exe	304121e3005b573bb32752fbe1bee987d72c1fdd1f7d0562cbd8f88eacc42dea	n/a	Adware.Generic
2024-02-04	n/a	exe	2b52ff31f1e3eeb17b8cc6fe5aa354fe787b97818f31fec5c60489636d62a54e	n/a	Stealc
2024-02-04	n/a	exe	9582eb9e2b5eccc48e60d5cf38728dacfbb20dc89742ea5a79a76b5d796bbf55	n/a
2024-02-03	n/a	exe	b411616091dcae871f3c0414d55ae591c4ea9a57f84db43e3f6f0ae40e6e70d2	n/a
2024-02-01	n/a	exe	8850c10c46383bafebe6053d7cbaca3625b5ab73c9b267edd574c90aaaa7bed6	n/a	Amadey
2024-01-31	n/a	exe	86674590d311280ebafc9d0ea35a17c5f7a7d6edc335baaaee38309c57c73a77	32.39%	LgoogLoader