URLhaus Database

You are currently viewing the URLhaus database entry for http://193.233.132.139/wingo/menta.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2815274
URL:	http://193.233.132.139/wingo/menta.exe
URL Status:	Offline
Host:	193.233.132.139
Date added:	2024-04-17 13:48:05 UTC
Last online:	2024-04-18 08:XX:XX UTC
Threat:	Malware download
Reporter:	Bitsight
Abuse complaint sent (?):	Yes (2024-04-17 13:49:05 UTC to abuse{at}sunhost[dot]ltd)
Takedown time:	18 hours, 27 minutes (down since 2024-04-18 08:16:53 UTC)
Tags:	dropped-by-PrivateLoader RiseProStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-04-17	n/a	exe	1cedd5eac704c8e4438015ea16c9974d8c33eb55f73f188a82082d7276377449	n/a
2024-04-17	n/a	exe	be69fd07cd8c77aebbc0016dd3bf9094e4597f6161e50cb9a746f7c68cc5ecec	43.66%	RiseProStealer
2024-04-17	n/a	exe	f32e04ec7c36392e9c6df9b00d738dc670b40722faa361aeba9347f97a6cfa35	28.99%	RiseProStealer
2024-04-17	n/a	exe	dd597382fa2346db39334557fd3eb8adba3abde583ce12d6ee496be7fd8774ef	46.48%	RiseProStealer
2024-04-17	n/a	exe	37e389db3f9b285e00e11260c0c3656e026f0627bfbbe42b3e9e07f8899f5838	49.30%	RiseProStealer