URLhaus Database

You are currently viewing the URLhaus database entry for https://147.45.44.104/yuop/66b4f6893d3c3_shapr3D.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3097784
URL:	https://147.45.44.104/yuop/66b4f6893d3c3_shapr3D.exe
URL Status:	Offline
Host:	147.45.44.104
Date added:	2024-08-09 14:49:10 UTC
Last online:	2024-10-22 16:XX:XX UTC
Threat:	Malware download
Reporter:	NDA0E
Abuse complaint sent (?):	Yes (2024-08-09 14:50:09 UTC to karina-rashkovska{at}ukr[dot]net)
Takedown time:	2 months, 14 days, 1 hours, 11 minutes (down since 2024-10-22 16:01:10 UTC)
Tags:	exe LummaStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-10-18	n/a	exe	8095b115868c8621d33a803e848dcc6ccb607bb124f02e8dc2e3be939cf3999c	n/a
2024-10-18	n/a	exe	e2f46e629c571dae64fb317f89ce1b46a52c49143a1050f149d7b41705b4fe5a	n/a
2024-10-16	n/a	exe	f01348ca00384659e39d1d6c536ed2df0e811d05021c0cdf5e1ba214b3701cbf	n/a
2024-09-30	n/a	exe	bbd8ed8f9e918df4643792ebfd3d4ce58e3635327f51c0be9c996ba66fb3a34a	n/a
2024-08-13	n/a	exe	78d4b585cb103909cebd6ce1ec1fce09093dfdae527a1047a901b546ef0df219	n/a
2024-08-09	n/a	exe	d4aafdf7261fb41ef48370eca3e4d70a9086528d7c3d14fc8c82fcb8b69710cb	20.00%	LummaStealer