URLhaus Database

You are currently viewing the URLhaus database entry for http://193.233.132.167/lend/install.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2781766
URL:	http://193.233.132.167/lend/install.exe
URL Status:	Offline
Host:	193.233.132.167
Date added:	2024-03-13 05:15:37 UTC
Last online:	2024-05-01 21:XX:XX UTC
Threat:	Malware download
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2024-03-13 05:16:06 UTC to abuse{at}sunhost[dot]ltd)
Takedown time:	1 month, 19 days, 16 hours, 15 minutes (down since 2024-05-01 21:31:30 UTC)
Tags:	32 exe PureLogStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-03-20	n/a	exe	ed3a90fa19e1efd65a7aa53fb223342d1c3099d8fd28bcfede3b396d43faf4df	n/a
2024-03-19	n/a	exe	e768e180489ed0d4f65f27c36ce9617e6bcec8828b60d440f46c3a136e419abb	n/a
2024-03-16	n/a	exe	c86a7c8d93091b21f2059a4909a9cedc226efbf4fbf32d8e1d8b35a93dc95096	n/a
2024-03-15	n/a	exe	9206c20030a45a18a51808282cd94112ccfac33c9abc4c020fa1679219eb9a37	n/a
2024-03-14	n/a	exe	8bb0481a5314883ade4234d586ce087363a4dcbf19500232a9ca7ef631682f0d	n/a
2024-03-13	n/a	exe	66a55eac67fb6d5f35377b683252f8e61ef10ffe74a967c8088cd1ac4d20e555	66.18%	PureLogStealer