URLhaus Database

You are currently viewing the URLhaus database entry for http://147.45.44.104/yuop/66b4f6893d3c3_shapr3D.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 3097681
URL: http://147.45.44.104/yuop/66b4f6893d3c3_shapr3D.exe
URL Status: Offline
Host: 147.45.44.104
Date added: 2024-08-09 14:01:22 UTC
Last online: 2024-10-22 16:XX:XX UTC
Threat: Malware download
Reporter: ninjacatcher
Abuse complaint sent: Yes (2024-08-09 14:02:28 UTC to karina-rashkovska{at}ukr[dot]net)
Takedown time: 2 months, 14 days, 2 hours, 36 minutes Bad (down since 2024-10-22 16:38:29 UTC)
Tags: exe GoInjector infostealer LummaStealer Stealc stealer Vidar link

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
