URLhaus Database

You are currently viewing the URLhaus database entry for http://5.42.66.22/space.php which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2786273
URL: http://5.42.66.22/space.php
URL Status:Offline
Host: 5.42.66.22
Date added:2024-03-18 14:50:48 UTC
Last online:2024-03-30 22:XX:XX UTC
Threat:Malware download Malware download
Reporter: Bitsight
Abuse complaint sent (?): Yes (2024-03-18 14:51:15 UTC to abuse{at}lethost[dot]co)
Takedown time:12 days, 7 hours, 12 minutes Bad (down since 2024-03-30 22:04:10 UTC)
Tags:dropped-by-PrivateLoader RiseProStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2024-03-30Space.exeexe fac6ab1c8c1c5857b5ba00298d28f05100af6277808ef53bd2cacccd190ed52cn/aRiseProStealer
2024-03-29Space.exeexe 457a981c5ba0533837b8686227a71110fbab25e0faf48c2fb5c48d16ef157488n/a RiseProStealer
2024-03-28Space.exeexe b289e82f98df176d0b01fd0c6e679d885f1abe8882c4f16d23f0673992197d0en/a RiseProStealer
2024-03-27Space.exeexe 259e2d31da2cb44ef19cc18453924eb3c4588eabf51d5182ecaf9d60266cf60dn/a RiseProStealer
2024-03-26Space.exeexe 77aff8db2e632cee5ee4cfbb0cbf6762133528104287bd48c2886e0215710bd5n/a RiseProStealer
2024-03-25Space.exeexe 2aeafdb21f50141676bdaabc22825177ffaf9fc79b3a272aeb8bb1b647be5bedn/a RiseProStealer
2024-03-24Space.exeexe ec03a903cb74030622ac957e6aaefbb7437b032a4e6db82c33126016ac6c7d06n/a RiseProStealer
2024-03-23SpaceRise.exeexe 0ba575e858a7af84aa6b1644072647015209bfb0393646f5ff55ec411236a1b6n/a 
2024-03-22SelectionWholesale.exeexe 38f51372b195f1f537df5ff9f777859477cdd6568279a8ce3da0f5ae6414e98fn/a RiseProStealer
2024-03-22Space_1.7.exeexe 9cc002c910a6448c1a7c40c960d86f0431cbd9ee94cf66d26da1b963aa12407fn/a RiseProStealer
2024-03-21Space_1.7.exeexe 6e0b4d067456173c2028d171ffac8dc6c6bf5d750d3878b3adabc766ca39175bn/a RiseProStealer
2024-03-21Test_1.7.exeexe 6fc109d20ad381ed7ae1d7dbae9e680bf36b3e8384ac3fc7b0d1c9e86fa4ab05n/a RiseProStealer
2024-03-21RiseSpace.exeexe 572d93555a8ffb5ea10a291c8aba12faf1e9d5f122d61076f1add4faf2b6311cn/a 
2024-03-20RisePro.exeexe 4c14181430cc691bfe7a5e62f6fd617a0aeaf175e7f4c10ca29f55320ce05f02n/aRiseProStealer
2024-03-20crypted_d6f00206.exeexe c7714d8dc09fd67c8a736962b500a7140fbbe329e3b30fc9b6975aa6f1432f5cn/a 
2024-03-20crypted_de7109ba.exeexe cf8a2c8625de3d45e5d67b5c4a0a5e40a680cc58b30570e2d654036713701292n/a 
2024-03-20RisePro_1_2024-03-19_19-57.exe.zipzip 6587e87ae6d12d8895dde7f50d3ec04cbbe0f9c80792d6cc7e7351baa84e4b63n/a 
2024-03-19RisePro_1_2024-03-19_19-57.exe.zipzip 7b6c87f08bc876de70499a2c27a0e775fe40234fcbfa58b9ec8015dc692138f0n/a 
2024-03-19RisePro_1_2024-03-19_18-07.exeexe a07e00a23e6fd1de842b7e4f28a2c7fa37950ce0dcad70f8e33e08db657408c2n/a 
2024-03-19RisePro_1_2024-03-19_14-18.exeexe 4da2ec535138c5ebe767583642cbdc4e4ea9794123d15c8b635b04dd9200e676n/a RiseProStealer
2024-03-19Space_Proxy.exeexe 3ad0819db0c2ba840fff7812ff303d60354ee2d834eb96728b1cfe18475918b6n/aRiseProStealer
2024-03-18RiseSpace.exeexe 5dffcf0920f79b3ddb9623167db653dba6f51e0257f68fb32b4626ea95f4f2can/aRiseProStealer
2024-03-18Space_Proxy.exeexe 4a90ecbed95c8c2539aa9b5b0f888337dde206b60cb3a03e2a1d7025ba928153Virustotal results 27.78%RiseProStealer
2024-03-18Space_Proxy.exeexe 2a3af51dbf49b218c19ff448466a433218290001a4736a0380b063980962156fn/a