URLhaus Database

You are currently viewing the URLhaus database entry for http://77.91.77.80/chupa/leva.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2920704
URL:	http://77.91.77.80/chupa/leva.exe
URL Status:	Offline
Host:	77.91.77.80
Date added:	2024-07-03 12:34:09 UTC
Last online:	2024-07-06 14:XX:XX UTC
Threat:	Malware download
Reporter:	Bitsight
Abuse complaint sent (?):	Yes (2024-07-03 12:35:13 UTC to abuse{at}sunhost[dot]ltd)
Takedown time:	3 days, 1 hours, 25 minutes (down since 2024-07-06 14:00:51 UTC)
Tags:	dropped-by-PrivateLoader MarsStealer Stealc

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-07-06	n/a	exe	8e75f2282e258d31a73291afe74878e0aac251beeed5163fe9031897e45517a9	57.53%	Stealc
2024-07-06	n/a	exe	c8d2aaa1fc32eab170c96f95884a85e47a025f8d74b66a9e7311cba9ee88d10d	52.70%	MarsStealer
2024-07-06	n/a	exe	6bf4612c1b4d71558e998e0761e3e4b4481c89ae3827622e86a81f46c08d7332	47.30%	Stealc
2024-07-06	n/a	exe	179f7c98dab9536a149dbbeee298e9153c3a01fc94a2c48377118231246200ac	47.30%	Stealc
2024-07-05	n/a	exe	60d7123cafb385bba287360f90d6f682c6397f8feb030ac0d36f4473b779ab3c	47.89%	Stealc
2024-07-05	n/a	exe	441f614bb8a71a458b9f8274f807c33550d0a91304b7b1bc25c23c6cd8d9b616	47.95%	Stealc
2024-07-05	n/a	exe	8e7963520355e4078e56aa0cbb4b38d6ca934a05ae11005a396ff917991116ff	47.30%	Stealc
2024-07-05	n/a	exe	ce21a22b3d7427ebb8a02ad8fc8df36c07005afc359a5402a16a66862d91fc14	48.65%	Stealc
2024-07-05	n/a	exe	d64aab9e3aa0e3f707bfff0b1179a3d4f1bf4e7335c922a85181f8b3c05e7bd5	45.83%	Stealc
2024-07-05	n/a	exe	d06e1fd08af8234eb7d356343329905327126518eea8bee8e00f10aeaf7d3a09	47.30%	Stealc
2024-07-04	n/a	exe	31cbdcdb540d6bc6fbc616c288f6f7ad7c74fe74eff55a135dafc31853b76126	n/a	Stealc
2024-07-04	n/a	exe	579804532d286ba442de9a9f8b9a20a2d5239eb510558805fa18ec0717182e0f	56.76%	MarsStealer
2024-07-04	n/a	exe	230280a480e2b4301c9beed0e5519c1f72f8c5a2d4193b5f69d7a02f6884bb16	56.76%	Stealc
2024-07-04	n/a	exe	5e3cae26ee0d86cf2c2660baf9d0fc27227173cc8440a94abe5c85a698e0293f	54.79%	Stealc
2024-07-04	n/a	exe	9023777f5529c209b55ac61d14e2a7f978491d14df51268b49d947010f46376d	55.41%	Stealc
2024-07-03	n/a	exe	96a32d13cd84073e06f1b0c27c7daf3192bbce58278fbf5c1270bcae4c0eba37	55.41%	Stealc
2024-07-03	n/a	exe	bf5ba13df7f7549e987f77091823fd0f77ba7fd4514000e60ad9a4c28f949c13	52.31%	Stealc
2024-07-03	n/a	exe	9a501e3c19a488ab6672598e26af59a019c471aaf67adcd1dba4734d7a2b9e48	47.30%	Stealc
2024-07-03	n/a	exe	1721005326a495d40f67f96882334ac18f10008287986e5511ba9dd681f189b0	47.30%	Stealc