URLhaus Database

You are currently viewing the URLhaus database entry for http://77.91.77.82/chupa/leva.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2934723
URL:	http://77.91.77.82/chupa/leva.exe
URL Status:	Offline
Host:	77.91.77.82
Date added:	2024-07-05 15:43:10 UTC
Last online:	2024-07-06 17:XX:XX UTC
Threat:	Malware download
Reporter:	abus3reports
Abuse complaint sent (?):	Yes (2024-07-05 15:44:12 UTC to abuse{at}sunhost[dot]ltd)
Takedown time:	1 day, 1 hours, 18 minutes (down since 2024-07-06 17:02:48 UTC)
Tags:	exe Stealc

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-07-06	n/a	exe	8e75f2282e258d31a73291afe74878e0aac251beeed5163fe9031897e45517a9	57.53%	Stealc
2024-07-06	n/a	exe	6bf4612c1b4d71558e998e0761e3e4b4481c89ae3827622e86a81f46c08d7332	47.30%	Stealc
2024-07-06	n/a	exe	179f7c98dab9536a149dbbeee298e9153c3a01fc94a2c48377118231246200ac	47.30%	Stealc
2024-07-05	n/a	exe	60d7123cafb385bba287360f90d6f682c6397f8feb030ac0d36f4473b779ab3c	47.89%	Stealc
2024-07-05	n/a	exe	441f614bb8a71a458b9f8274f807c33550d0a91304b7b1bc25c23c6cd8d9b616	47.95%	Stealc
2024-07-05	n/a	exe	8e7963520355e4078e56aa0cbb4b38d6ca934a05ae11005a396ff917991116ff	47.30%	Stealc