URLhaus Database

You are currently viewing the URLhaus database entry for http://147.45.44.104/yuop/66bf6d1018bb1_deskman.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3117491
URL:	http://147.45.44.104/yuop/66bf6d1018bb1_deskman.exe
URL Status:	Offline
Host:	147.45.44.104
Date added:	2024-08-20 12:35:41 UTC
Last online:	2024-10-22 17:XX:XX UTC
Threat:	Malware download
Reporter:	NDA0E
Abuse complaint sent (?):	Yes (2024-08-20 12:36:13 UTC to karina-rashkovska{at}ukr[dot]net)
Takedown time:	2 months, 3 days, 4 hours, 35 minutes (down since 2024-10-22 17:11:45 UTC)
Tags:	exe GoInjector LummaStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-10-21	n/a	exe	bf94b8eca793e328a073ea52c7639b92768342eee6c367c5376f8250a8dbca69	n/a
2024-10-17	n/a	exe	d590247203b249829597d04afb7d5260a6a6324349a26d32377191a83250f353	n/a
2024-10-17	n/a	exe	bb78a8c733a65d1672b9c47d3c309afbf8c2de369fe563901b7cb61e6b0d07cc	n/a
2024-10-16	n/a	exe	0797a9243cf76839504d77b4deb60da422599d2b2ba8eeedb14815b0b4f9a3bb	n/a
2024-10-13	n/a	exe	1c0fb039e41a15aea5905de76b0dceb188d9c680548c7ce745856a06f626f454	n/a	GoInjector
2024-10-11	n/a	exe	cc3c0bb209165fe51528a6f14fc06692a144de9a068c580483fd4f72ff90d819	n/a
2024-10-09	n/a	exe	7af4fafc31a86cf744bd8c997d2f54b52e2e7f2912d0ee21d789959cb803b591	n/a
2024-10-09	n/a	exe	4fd18fc247c4b52e3f19808b06d186dad1b198fc1f4e3b75846a7a1f2bb647ee	n/a
2024-10-08	n/a	exe	d656b72eb20ce7c75e5dc9644c77fda7c91931c68d974f67d1d1b4a472229a5a	n/a
2024-10-08	n/a	exe	938ee4b6f849da813a5261f943ffa2ff5c5d32b673f8cc6925f03829e894b6c8	n/a
2024-10-05	n/a	exe	73746bba57fc0d8dc81f67301a4d2916b304c8b3fc994ac2c0afa79f94416104	n/a
2024-10-05	n/a	exe	78e1f86461c07460797aa64883148087bd5a5a1eff0cf7172831af76ad8b0cc3	n/a
2024-10-04	n/a	exe	1eaa6ca1493a4a8a4fd7c0f7de9cd1a92c48991a0e54489569f13085d2d7aa02	n/a
2024-10-02	n/a	exe	ce042435786dc64ce92113957d4765607fa60ea9ec579e6d740d358099392fd8	n/a
2024-10-02	n/a	exe	4875f1a8482f6df2aec7d22f689c1a82118102ba8ca763995503d24c8a60d0f1	n/a
2024-10-01	n/a	exe	53eedcc67d5580af09ce97142f9d9fc6743017b82acd4026c55d4be2b3fb2caf	n/a
2024-09-30	n/a	exe	b872347e8ee5b0e5ed7079bd107a6d0aef3ca9a9f2429e522f3d53d45e383d47	n/a
2024-09-29	n/a	exe	08f76d9d4d1b92b54b0df5385730c1458200588b21c054560429858cfceea480	n/a
2024-09-13	n/a	exe	4e2212747733a05d679235665989dd5a52cdbac00075036e170e9570a9322a4e	n/a
2024-09-11	n/a	exe	4d7854d1313b21deb4c6dee7ff98c74b6fa1e09df466b28e4a053df60170127a	n/a
2024-08-23	n/a	exe	157bb60d501baae8d364bafda00efcfdf7814122c8296cf7ce1b9b77dc72094a	n/a
2024-08-22	n/a	exe	bb1eac185e6b9472c5a4b8e8dd0a0fb9611fcf3a995dc79b37130e82726220fa	n/a
2024-08-20	n/a	exe	bcad9c21500bf00e52eba9d790a68507d4027eb31a16d40ff41b99de11d7cd54	46.67%	LummaStealer