URLhaus Database

You are currently viewing the URLhaus database entry for http://5.42.96.145/case/danko.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2850834
URL:	http://5.42.96.145/case/danko.exe
URL Status:	Offline
Host:	5.42.96.145
Date added:	2024-05-15 11:31:16 UTC
Last online:	2024-05-18 19:XX:XX UTC
Threat:	Malware download
Reporter:	Bitsight
Abuse complaint sent (?):	Yes (2024-05-15 11:32:15 UTC to abuse{at}sunhost[dot]ltd)
Takedown time:	3 days, 7 hours, 46 minutes (down since 2024-05-18 19:18:15 UTC)
Tags:	dropped-by-PrivateLoader RiseProStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-05-18	n/a	exe	c25ab8c388315de454e2bd213ac67205f0d82d4e7e5bc922136a04b8d199a399	n/a	RiseProStealer
2024-05-18	n/a	exe	1f9138b323146da388a300dc98250f2b05414866a5077c0f1864d778a6b72f0f	53.42%	RiseProStealer
2024-05-18	n/a	exe	fb8f65a7311fd88636d2eae68d064e89b462f534e30a8738955804ee9c952c22	53.42%	RiseProStealer
2024-05-18	n/a	exe	de0b3df3c0eba78706c9b159074b2c5395c82e77e872425e1a8dae7b262dd141	52.05%	RiseProStealer
2024-05-18	n/a	exe	d983682c8cc8801e96cdb6b3c843a49f46525ecb56159f2e038cef7ebcaf0add	51.39%	RiseProStealer
2024-05-17	n/a	exe	209411a79ee9fdaa8b2a16417ded5e3bb8b801fddf882ce698846e89044b8d6c	53.42%	RiseProStealer
2024-05-17	n/a	exe	a2d29e3ca2790d57f26acd4799862276c4cc5166711ce647bf7ffe85ff96bbdc	52.17%	RiseProStealer
2024-05-17	n/a	exe	a9874d97f1e3c4c35f0d0ee4f4b2a31ab20b10bb1b3967eade2d156b2e37f5a1	52.05%	RiseProStealer
2024-05-17	n/a	exe	d7ba6c60671c495121ce1f9e4e8b1c9763a57a78d0920d25078fe31a4cd579b9	51.39%	RiseProStealer
2024-05-17	n/a	exe	c9c462d256003a22abcb86164d0fbf2b8237d80108f12eaf37947e40572aa71b	52.05%	RiseProStealer
2024-05-17	n/a	exe	ba2a05d252b28d956d8675da99ecbd7445958f858cdc5d95ccadfee3db8c85eb	50.70%	RiseProStealer
2024-05-17	n/a	exe	79cf2da3073c778ac05fe9c8450f7c1bea71709142ae8711c7e3d37b4c853f39	n/a	RiseProStealer
2024-05-16	n/a	exe	f6b9705b6bc43727c5d421cc583820c3036791d9b099380834b5004c9803c75c	52.05%	RiseProStealer
2024-05-16	n/a	exe	627aee1b86e768c6a0ac208f373b2ff8408526f62cee2266faa9b03b3cf5ba11	51.43%	RiseProStealer
2024-05-16	n/a	exe	bf7b1bd98a46acbb3854f961b665bfcd8a191a808d440b137b0f44bc52be96ac	50.00%	RiseProStealer
2024-05-16	n/a	exe	cbcee3fdd1e82a6e0f992374d112d5ec658fbefe3169865ce42b5540df6ef696	52.05%	RiseProStealer
2024-05-16	n/a	exe	d6f72f8f3d1e776957329c68b235c07b50e8c8714519a014828149d6b17f6ec1	51.39%	RiseProStealer
2024-05-16	n/a	exe	211213ad833dd439f7147e7b38827b5640368da118124bfc731e98b988663c2a	50.68%	RiseProStealer
2024-05-15	n/a	exe	e4f4b7c47824a98ed000d624fc79ff1d0690b8ea7ce8b6501c3826bd0b1c0dfe	50.68%	RiseProStealer
2024-05-15	n/a	exe	ce3eae1b5ee9329aa39b8317b8965ce5da240275d21b84793ab59274109bdade	50.68%	RiseProStealer
2024-05-15	n/a	exe	9654be08c97d6dc3f94bd6e02901de9afa128740a547fb224bdb1a2a7183d927	50.68%	RiseProStealer
2024-05-15	n/a	exe	9e4490f0d459e056ee2ce1d6d9325f4427200c3ef4fac720bf23b2ebe55b891a	n/a	RiseProStealer