URLhaus Database

You are currently viewing the URLhaus database entry for http://31.41.244.9/doku/burda.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3164203
URL:	http://31.41.244.9/doku/burda.exe
URL Status:	Offline
Host:	31.41.244.9
Date added:	2024-09-09 13:56:07 UTC
Last online:	2024-09-12 11:XX:XX UTC
Threat:	Malware download
Reporter:	Bitsight
Abuse complaint sent (?):	Yes (2024-09-09 13:57:10 UTC to dl{at}redbytes[dot]ru)
Takedown time:	2 days, 21 hours, 55 minutes (down since 2024-09-12 11:52:17 UTC)
Tags:	Amadey dropped-by-PrivateLoader MarsStealer Stealc

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-09-12	n/a	exe	23413b888fbcb25c4b8fdd07b60c95402ea09d4b7d591e786c906c64690be46e	50.68%	Stealc
2024-09-12	n/a	exe	bf2775113aa41adedc67907cfbeb8bc1372cc00b39b65841dff1ab604f3f9c99	51.35%	Stealc
2024-09-12	n/a	exe	f539c6ebab703708ab993bacab000fd97274d49364bf0d58a2df6857d7d5d1d7	48.57%	Stealc
2024-09-12	n/a	exe	99e3eaac03d77c6b24ebd5a17326ba051788d58f1f1d4aa6871310419a85d8af	50.68%	MarsStealer
2024-09-11	n/a	exe	0c38ce400b5a99c4d0350fc0e3a5c8f7bb366d73ba850ead3bd63dcc709941c8	50.00%	MarsStealer
2024-09-11	n/a	exe	cc65a55c66501ede8db7f899410180caa449102982130e4ed48a45909156e3c1	52.70%	Stealc
2024-09-11	n/a	exe	dc21dbe83a9a684aa2e77849977a9ab60e8c5b52af4e2a4f4f0aaa148dfda587	50.00%	MarsStealer
2024-09-11	n/a	exe	136d677281759fbfcfe3b706e7de4b5a866834509ce867edbb3b6693c90f2f68	50.00%	MarsStealer
2024-09-11	n/a	exe	c1d2816e557482077a88b8e23581cd82a92dfca70fd1e7ceaec4ba3adbd7d136	45.95%	MarsStealer
2024-09-11	n/a	exe	aee2dcc810b97f1bd7809146f7f33887e806561329c0b6288ecb1d315e4f6740	51.35%	MarsStealer
2024-09-11	n/a	exe	dbe5d0f7237469a486de479008f1abca3d06a8a2b0ad64f26453d00e63000258	43.84%	MarsStealer
2024-09-11	n/a	exe	8b715b6ede4282228d035a69684c3e67328cef609504a7353c5151aa8ffafef9	38.89%	MarsStealer
2024-09-10	n/a	exe	7c4160768d4c205ed30a845b211a04a53f870d55ab8276f0c6de420a0345025c	39.19%	MarsStealer
2024-09-10	n/a	exe	1c3a4f586345aa8bb07fdf7def83b40026080b1af777cdf82f00909282ea87b8	52.05%	Amadey
2024-09-10	n/a	exe	7ec234d569603660080ea0d4a7e4e54e237e519089dddca4c678038cbadcc778	54.05%	Amadey
2024-09-10	n/a	exe	c100650b6bf10ab80dcf2f63ae1b5296e57d89ff1a11476ce2b34c9ece6bfb76	60.27%	Amadey
2024-09-10	n/a	exe	0036da167596292c2f220a56d91f927b6d8998018904fc0cf8dc6e4e4fcbc608	54.05%	Amadey
2024-09-10	n/a	exe	9b79444f799b4643e0332ee52281b406639cc9b7e63c61f7796d1fcfa56c5377	59.46%
2024-09-09	n/a	exe	25741e3975370f8b2c77513a0941ca4263a83ec08e1203c9dd7cfd5c18474794	44.59%	Stealc
2024-09-09	n/a	exe	ba2e11ad994e6e1eacc5c1f73c069d76cd37e4e70edfa0335a40f203f0aa9aa4	39.19%	Steal
2024-09-09	n/a	exe	d89f747d96c84dcd1a704731dd4261f6eb69f1498a05cae00a4635169ce5ec20	39.19%	Stealc
2024-09-09	n/a	exe	75406b44f46f30aed814150ed323b10f34d6e68b585a75b6e9796f556f1cd691	42.47%	Stealc