URLhaus Database

You are currently viewing the URLhaus database entry for http://193.233.132.216:38324/gorod/wind.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2761334
URL:	http://193.233.132.216:38324/gorod/wind.exe
URL Status:	Offline
Host:	193.233.132.216
Date added:	2024-02-14 23:00:15 UTC
Last online:	2024-02-16 10:XX:XX UTC
Threat:	Malware download
Reporter:	Bitsight
Abuse complaint sent (?):	Yes (2024-02-14 23:01:10 UTC to abuse{at}sunhost[dot]ltd)
Takedown time:	1 day, 11 hours, 47 minutes (down since 2024-02-16 10:48:11 UTC)
Tags:	dropped-by-PrivateLoader RiseProStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-02-16	n/a	exe	d7c840ce3dc7815c426297ab147fe1d5a9f088583bec90a13d5c023b79ca4015	n/a	RiseProStealer
2024-02-16	n/a	exe	398ac17db0b1faa46ed2155a3d83b4469052ae63db1d5d907a04cfeaff169957	n/a	RiseProStealer
2024-02-15	n/a	exe	470fb35112dbf986337bd5413a592f8a8d934ffb2c9da4747776a8d5c1de0443	n/a	RiseProStealer
2024-02-15	n/a	exe	fc31044e42b9fc3b8263a841421da88a3ebd51bde872ed744fe4c936683fe330	n/a	RiseProStealer
2024-02-15	n/a	exe	23bf044542aac260263a3e74f794e42725267aa84230956859b829b0787dd2a8	n/a	RiseProStealer
2024-02-15	n/a	exe	4837c75088d626121eaf9aef726093de225cd22f8e71ae3450953651282f7d6d	n/a	RiseProStealer
2024-02-15	n/a	exe	cf1f62cab2c87815651bbac0772260ed5ab9e09ef7dfdd2ad5b4444c4ab9e211	n/a	RiseProStealer
2024-02-15	n/a	exe	f69256661301dc38c6f00968f6ceab13efcdd3eb480c79b8da770b471f9d932f	n/a	RiseProStealer
2024-02-15	n/a	exe	7d1dbf95107cd982994938f8a4dac1dab75d7a6086de01eb034ee4a67755189d	n/a	RiseProStealer
2024-02-15	n/a	exe	e711bd0cb7c722f5fb1d6e9823c32e5f9f85710c4ea6a19c8f2fe38f22e5ee6c	n/a	RiseProStealer
2024-02-15	n/a	exe	f2418771743ba579b4c76f0389b5761541b0dca41a99c1172afd5f34a692eef7	n/a	RiseProStealer
2024-02-15	n/a	exe	a64801ac7548d57332227a358b2dca06db054cd0d07246712638c23be4a4b021	n/a	RiseProStealer
2024-02-15	n/a	exe	17d9f2063461b528d123b0f4960a300066b96127d0dbe19b806a3551c2e50f13	n/a	RiseProStealer
2024-02-15	n/a	exe	0195c3685890a8f5d7b1217dba28570f431e2bbb7e07e6258c558dcad34a3609	n/a
2024-02-15	n/a	exe	fbd5e78e6410696631d58bbe531939c7ab873348a8f8444149d1cf31629b2ec9	n/a
2024-02-15	n/a	exe	8be0416a9b51b8aee2e562ec85f85e29f295112db4be31ca30741c966e566b5b	n/a
2024-02-15	n/a	exe	5be6d780e1b499090fc54c89e86da78ec8c62a7950c09f5ebe103b256ae58b1a	50.00%
2024-02-15	n/a	exe	9430a134ac2bb84bee437c3bd2735a800317700e9a7b153ff2ed9c356f73118a	n/a
2024-02-15	n/a	exe	4ad688b89c7e6aee99ec4e451048f43183618a7a9241324fbb7aa6ad3197dff9	50.70%
2024-02-15	n/a	exe	f64438994a8de75634dcda7fa85eb651c7d41fe0ea78931fd572e74a9a1b5264	n/a
2024-02-15	n/a	exe	69488bb251d371e7653d9b7f343d6b950d310adbc77b4c97cc6193bc5689836f	n/a
2024-02-15	n/a	exe	523f6f58aacf1d9c4fa053f4ee6e020be3b84832ed643298c487d630effa0a98	n/a	RiseProStealer
2024-02-15	n/a	exe	88b38196d8e77be745e3cf4b9dd60a08898d86a80feb3d4b8fdc5f7198ba6e32	n/a
2024-02-14	n/a	exe	13450b40b89b4d197d956e39d0242ed84bdb17c2161643ba29bde8e6d31a321f	n/a	RiseProStealer
2024-02-14	n/a	exe	1da64ed2c60e0422d6d8c927cb725cefffded65558fe4cebaff3612b9d17b883	n/a
2024-02-14	n/a	exe	de5dad99d072f740e2ccef4d7f2ea2b4b909dd378b954d189e8fbfdb6222ee8b	n/a	RiseProStealer