URLhaus Database

You are currently viewing the URLhaus database entry for http://5.42.65.115/files/US.file, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2756623
URL: http://5.42.65.115/files/US.file
URL Status: Offline
Host: 5.42.65.115
Date added: 2024-02-04 16:05:12 UTC
Last online: 2024-03-30 11:XX:XX UTC
Threat: Malware download
Reporter: abus3reports
Abuse complaint sent: Yes (2024-02-04 16:06:08 UTC to abuse{at}lethost[dot]co)
Takedown time: 1 month, 24 days, 18 hours, 58 minutes Bad (down since 2024-03-30 11:04:32 UTC)
Tags: LummaStealer RemoteManipulator link Rhadamanthys RiseProStealer WhiteSnakeStealer

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
