URLhaus Database

You are currently viewing the URLhaus database entry for http://5.42.96.145/mina/poter.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2848144
URL:	http://5.42.96.145/mina/poter.exe
URL Status:	Offline
Host:	5.42.96.145
Date added:	2024-05-12 22:14:07 UTC
Last online:	2024-05-15 12:XX:XX UTC
Threat:	Malware download
Reporter:	Bitsight
Abuse complaint sent (?):	Yes (2024-05-12 22:15:14 UTC to abuse{at}sunhost[dot]ltd)
Takedown time:	2 days, 13 hours, 50 minutes (down since 2024-05-15 12:05:56 UTC)
Tags:	dropped-by-PrivateLoader RiseProStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-05-15	n/a	exe	879b52a48f0b373c91925434204861cf0b65f249c7e66c2e29ae282ad1a72fc4	n/a	RiseProStealer
2024-05-15	n/a	exe	cd967706d18774fc8f37cc6bfb55250f17b4c15a30e2e576a3c42202a2f68eda	50.68%	RiseProStealer
2024-05-15	n/a	exe	1b84f0a88c673faed02221e03872c7f302ff384b2bf58fe4f51dca5e044317ba	50.68%	RiseProStealer
2024-05-15	n/a	exe	4ce20cc8e5491c5253df9cf17c487459d5db19e8c0c5cfcdbd89d9bee4adb4bd	51.39%	RiseProStealer
2024-05-15	n/a	exe	ec586a59102c7299c2ceaa33a3334b05c7d1a7763b48e8cae3f51b25151109b5	49.30%	RiseProStealer
2024-05-15	n/a	exe	81304797747601316224f336021117f583c9c99b8ba4dd9eab6554229d8741fa	50.68%	RiseProStealer
2024-05-14	n/a	exe	fabe4a0d95ca7b6677e40534fbbe3436fcb00efbb2bdd7f94aa171acb660e9b6	50.00%	RiseProStealer
2024-05-14	n/a	exe	a3c226cadf15f608b881c2a19283919b411c2e0987041ddccf310be2ad3c56d9	50.68%	RiseProStealer
2024-05-14	n/a	exe	26b8b132fd34637fe7a4b93a276cdecfa57015c625aa66fda4096e64f7ea8174	50.00%	RiseProStealer
2024-05-14	n/a	exe	50bda577b0e8d4c2c06059628b800efa6f167b06b7f41a0caa2c46e1fa7bbe4c	50.68%	RiseProStealer
2024-05-14	n/a	exe	e10a4226504d4116cf0e07ca737e2561edc8de634ba5be03b8c408a00bb2138c	50.00%	RiseProStealer
2024-05-14	n/a	exe	b018c6e6861c36f990d4da8b427ddc6920b8b5f6913507f0123ccb5b47749a2a	50.68%	RiseProStealer
2024-05-14	n/a	exe	7164ec9c9e7d9934578bf7c321c7a5e9cb43c45c1a267e5167ffb06e1b69c8f4	52.11%
2024-05-13	n/a	exe	7a43f5760dca3ffaec4f62d11ba8d65a593713bb08aca061ca5820fa9f7076d1	50.68%	RiseProStealer
2024-05-13	n/a	exe	c9e55a2ab22f6533b68f8b5e94ac57a070669036c17fcec80d51983bc4c4c601	n/a	RiseProStealer
2024-05-13	n/a	exe	db2f47ec16aca19926f085c7a1f8be5c51338d6fa3aa61ec1b4a4167955d659b	50.68%	RiseProStealer
2024-05-13	n/a	exe	a8aa8bd9f597c01e2bb6347fae67465edd0c4c9c0367590240ff4eaa93014578	47.76%	RiseProStealer
2024-05-13	n/a	exe	7f0b67825d87e6d41781efadc23c5c28e546a1aa6681af6504c33ecc9cc038c3	50.00%	RiseProStealer
2024-05-13	n/a	exe	def2f136dd2cfcddf0f2f3c324cb60690b0e3c593c0e54189502d1cf6df8440a	49.32%	RiseProStealer
2024-05-12	n/a	exe	577c882863773dd3c84a219133a967b6354e89822e871d6ddf954f0c3a2976a9	n/a	RiseProStealer