URLhaus Database

You are currently viewing the URLhaus database entry for http://185.215.113.16/inc/postbox.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3078753
URL: http://185.215.113.16/inc/postbox.exe
URL Status:Offline
Host: 185.215.113.16
Date added:2024-07-30 04:28:09 UTC
Last online:2025-04-28 12:XX:XX UTC
Threat:Malware download Malware download
Reporter: zbetcheckin
Abuse complaint sent (?): Yes (2024-07-30 04:29:08 UTC to automatic-abuse{at}eliteteam[dot]to)
Takedown time:9 months, 2 days, 8 hours, 12 minutes Bad (down since 2025-04-28 12:41:18 UTC)
Tags:64 exe GoInjector LummaStealer Sliver SliverFox

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-04-07postbox.exeexe 787177c7461b151a33ec3703f00a3f6b0b221a43a0464a9ec90b56d10811c6dcn/a 
2025-03-14n/aexe 6146a73df1efb6aa3d9fd8dd4f535e9eab0f6d12acff10ad962a401acf24f96cn/a 
2025-02-28n/aexe e7db930a9770db816ccffd5a56a72bc971fa24457d4cf661180f0b64b075238bn/a 
2025-01-29n/aexe 57f7eb48c00f2cb7b88a0f7b920542775350c11cfe86f63872bbcf022ffd2b31n/a 
2025-01-29n/aexe fb0e7d3cb225e287e0e5e467a234a52712b2ff9900c36c8cd07272dc0ee7c34fn/a 
2025-01-28n/aexe 1a257ae9be5d3aa1c60343bb225ea6f516e6f3a98cb9318f4ea75c7f05f73a1cn/a 
2025-01-25n/aexe ca2ae717f0ae3fec33baea41381981b41b08b81252b1d05fefc4ee9185569b2bn/a 
2025-01-21n/aexe 3282fa997b79bbffe295dd31a413ea5931f548b85b9449fceb3ea43cf4811a47n/a 
2025-01-20n/aexe a99a860edeb0061e856b3039a41902bcaddfb765ceaca74ae173e05197d61b5an/a 
2025-01-20n/aexe 20c9ca7322761509e01568d7edd0175b143ca555b87ef38a40e2c05ce8b4b0c3n/a 
2025-01-16n/aexe b698b87907ba2dcbe3caeafc8668f0def62af75cda8a944d16325839f376f064n/a 
2025-01-15n/aexe 2f0da99a616b1fabbf271eae1d6470fe350343fd5acdd82c60fa84d621a4e499n/a 
2025-01-14n/aexe 6f3e09e1d74f355b17de613b060575e5e5b238fa56f12f67b94837008d71101cn/a 
2025-01-13n/aexe c7315be229a968d89f762a0a77e720812737a182ec08d86355cf32dd3b4d310bn/a 
2025-01-12n/aexe c098894bc911e67fe2fa0fade5c3f1768951ef78ec326b231d6c4c303101fcabn/a 
2024-12-24n/aexe 238d000d4f72673584aa6e8e16e9808e288c295b5c4b82c2e088b5653e2903e2n/aSliver
2024-12-14n/aexe 28371729b31783328e7dd7c82878c55d152dacb9905ff0398010c628d526f290n/aSliver
2024-12-10n/aexe 87aad9f3b92cc9b3d439390103f9560e2085d4713313a7ccd55321b2d7de07e6n/a 
2024-12-09n/aexe dfb0485dcfa2b2d4ea59ba2d94eb5eb8982a3d5880d9f0959bdb42c304c47132n/a 
2024-12-06n/aexe fd513e79fce124ce2dc25162552b961768c2fd842a99738a9aff9a27fdca6f7cn/aSliverFox
2024-12-02n/aexe e6c86fb51bfdd100bd5ddc320ce1cc0db7fc45b7b7e9167e07dccf3d3ee109c6n/a Sliver
2024-10-17n/aexe 4e57f41becd9bd0528d2c8481a3886296cf8aa3bb87493a137ec473e41a481dan/a GoInjector
2024-10-03n/aexe de612eb7e2864e63de8082d2750e21c5f4d3f1170dad23ada40c5fcbcac8b721n/a 
2024-09-28n/aexe 5816628b025e91fafac7f0e2bf1c3f2ba52bd60448acb1ea1f105df7ce9521ddn/a 
2024-09-12n/aexe c65a2dd7a2011cda9c795ed614aecfda24114c1b08c36db4fd4a181b4803aa9bn/a 
2024-09-09n/aexe 637a66a9d1ebc97935ebf955d1d26473f59ca62ad31a3845b335b2c9f3b260d8n/a 
2024-08-21n/aexe 8870f22442997c557a7471e15690595e488c5c59b265a014779e10a6960aecb3n/a 
2024-08-09n/aexe 0c7310970e34170acf4a17f1f2ae2cae8eb7927f67a3cf4ab2b8be34bb2ec665n/a 
2024-08-06n/aexe 219e9419c684e1da5f42ce7fc4b9de24f2316cfe9ea2969ba138e6347be80760n/a 
2024-07-30n/aexe 54092d2fb30f9258ab9817de3b886997dbefdee2963b4d051b70c0309aea99e6Virustotal results 16.00%LummaStealer