URLhaus Database

You are currently viewing the URLhaus database entry for http://bdcvpn.com/images/logo.jpg which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2786389
URL:	http://bdcvpn.com/images/logo.jpg
URL Status:	Offline
Host:	bdcvpn.com
Date added:	2024-03-18 19:12:40 UTC
Last online:	2024-04-05 09:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2024-04-05 08:10:15 UTC to registry{at}stc[dot]com[dot]sa)
Takedown time:	17 days, 17 hours, 53 minutes (down since 2024-04-05 13:06:36 UTC)
Tags:	cutwail dcrat dropped-by-SmokeLoader LummaStealer NetSupport PureLogStealer RedLineStealer RiseProStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-04-04	n/a	exe	245024628c4c6fa07bb85315c4333bc90bc3be9d79b44990b0d006ccf29963d7	n/a
2024-04-03	n/a	exe	100e0d20c509e3a5d1b887228f935229e4c1c05b37deeef9a9ec4317a949134a	n/a	RiseProStealer
2024-04-02	n/a	exe	990943455cb0d2dc807360dd6e9f302edd2ab257d37e968c9fa5d7003970f3a2	n/a	RiseProStealer
2024-04-01	n/a	exe	ccd4e348aa248d1d9153f8960d60c83b57c8f62a2bec7f874c8f39cbaedc5863	n/a	PureLogStealer
2024-03-31	n/a	exe	7eb9327b1e9279bd1555a58930fe5bc72c729a06b155154aa733a89dc2a6ac31	62.50%	LummaStealer
2024-03-31	n/a	exe	b706a1a67f20b5e029c058de6a1e681a36fea762f69b9d983921d0e47ec2bc6c	61.97%	DCRat
2024-03-30	n/a	exe	bd3cb7333a97c82a6ab1939e343d2480bd60c4f643a61f6fdaf83679003e5f6c	43.66%
2024-03-26	n/a	exe	919ccfa399f0b60f9b0680b0325b3415ab7ef4a357765c305756d56017b1ea9b	n/a	Cutwail
2024-03-26	n/a	exe	853f9d2924d01af6a58e86b1cda95a9f2201b6777382c83e6a4a896dd4ada69b	n/a
2024-03-25	n/a	exe	f57aa83a8ad80d934ab1cb1aeee31018ff79bd4d7f62672346bbcc0e459a8b9c	n/a
2024-03-25	n/a	exe	271d519dff8d3a7db53b291c7345fdb05fc7a9d1e3862ea073287976a14fcb74	n/a	NetSupport
2024-03-24	n/a	exe	e37d085fbc95fcdbc002bebc3f074320051781bc645b9ecda152cfa442792772	n/a	RedLineStealer
2024-03-23	n/a	exe	e6b661ac1e91da56a3fceb31bca686c9a5ee2f1cd5b0e35bf239b0f78df53def	n/a	RedLineStealer
2024-03-22	n/a	exe	4e4780f9cdd56a1bca20444d8081b13cbabd85a083df5b824cf85a527235ff11	n/a
2024-03-22	n/a	exe	ee54076e2deaecd9c41c9a502fd702e941efb13044f321bd0e3b90ea5fd17cd8	n/a	RedLineStealer
2024-03-20	n/a	exe	2e6a8480b089ad4675ab0ccad65ce53e3d4bcc31dd5a69b50f5e3f6bd80e5ae2	n/a	Cutwail
2024-03-20	n/a	exe	9231655a42f8c759f7e6bc29901017b15bfaa4388da6504679523620347f135d	n/a	LummaStealer
2024-03-18	n/a	exe	af0af65ec7881bbc6dd5e6c972c134ddf501e1a2b0c88698233b12acdf5ead63	n/a
2024-03-18	n/a	exe	9ede60df2413791861f64add22036616f5c19d09d1cb4f39610e61492f15a344	43.28%	LummaStealer
2024-03-18	n/a	exe	df253ed037f4329a21b28dd068714a36fc129954257d509b53b82df414ee6e62	n/a