URLhaus Database

You are currently viewing the URLhaus database entry for http://185.215.113.103/vera/nate.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3184548
URL:	http://185.215.113.103/vera/nate.exe
URL Status:	Offline
Host:	185.215.113.103
Date added:	2024-09-21 13:08:05 UTC
Last online:	2024-09-28 00:XX:XX UTC
Threat:	Malware download
Reporter:	Bitsight
Abuse complaint sent (?):	Yes (2024-09-21 13:09:07 UTC to automatic-abuse{at}eliteteam[dot]to)
Takedown time:	6 days, 11 hours, 44 minutes (down since 2024-09-28 00:53:27 UTC)
Tags:	Amadey dropped-by-PrivateLoader MarsStealer Stealc

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-09-27	n/a	exe	d97ea33a0e542b7f0c09660804644a80a364a9dc6bff8d67f56a46a6482ff8f9	51.43%	MarsStealer
2024-09-27	n/a	exe	edc9cb8db3fafd7737aeda3122a8a4b967cf4e79887ef38910dcfd6b2e99b635	51.39%	Stealc
2024-09-27	n/a	exe	f302fb495483ed24ae836bf696ce0337ba39464b0c80a99f7eb1c0dcfe96bc3f	53.42%	MarsStealer
2024-09-27	n/a	exe	aeb0218c5ae46c5d264100339920bca9c56a8f83b0a37383dbea2e33683d35d8	56.16%	MarsStealer
2024-09-27	n/a	exe	5947b0b670dbb94778390c83aeb091874f10cb952b2dc3c459ac0e23f380a523	n/a	MarsStealer
2024-09-27	n/a	exe	7182c9ebd0b63ecca32ddca0918125ba97ba67cc393297a269d1a4be87dabf9b	54.79%	MarsStealer
2024-09-27	n/a	exe	e9de85feb66ce1df0a5000fcd7e7b802ec0dc68c09ceba8f78f2ee42d2d9fe86	55.56%	Stealc
2024-09-27	n/a	exe	162e527a19799d2d3ace95ca315eba1ffa0fd4fd3eac247a26b41212033b2863	50.00%	MarsStealer
2024-09-27	n/a	exe	c1cd69890f1f81efd491b94bfff2d9e1263f4a843fc42b649aac082cf378f3a8	n/a	MarsStealer
2024-09-27	n/a	exe	6a3d7bcaf7fcd1ce511dea3e3eaafcf425d1c98c2c6d3e94b6b5bb66bab866f1	52.78%	Stealc
2024-09-27	n/a	exe	9b1d39c43d21c59dd88111e091a555e1de83b08d91b2fe5c17d9af7323022026	52.86%	Stealc
2024-09-26	n/a	exe	a67b224f6e0df8b93806ed24cd1a09afb539d242add6b52f63600f28b65b3d1d	n/a	MarsStealer
2024-09-26	n/a	exe	88e31cac8e771a560163e9e270d04e1b803c7c78cda1845dbc0ea7af5366d707	n/a	Stealc
2024-09-26	n/a	exe	66157b51bb3cf15e86bb9726ef16e8453bda847c90c53039933773401c8f4359	52.78%	Stealc
2024-09-26	n/a	exe	c1d364fff61cba5386dbf991428172dae8f529d70e3700ff7c53892ce70beac2	54.17%	MarsStealer
2024-09-26	n/a	exe	f6fd7c1f4ef9d4656320ec6ac9fa28ce1b14c66dc9594eef604d4ba82f74b2ad	n/a	MarsStealer
2024-09-26	n/a	exe	0a4ec4fbd55120181c561f1d2fd8f83245241e2d82d9aeb365eb5630ecddab33	n/a	Stealc
2024-09-26	n/a	exe	db8efd737c60da1233a238e9491161dda941173efafd68b6edf3d0ff1887b4df	50.00%	MarsStealer
2024-09-26	n/a	exe	c95ae246f56260762aaa2107359701d082c15d31d3721f48d37f560b150a8284	n/a	MarsStealer
2024-09-26	n/a	exe	22738d7a6835f38859a207c6f9d971a2935503ee8f5bdc83f9e9baaa63ac54ef	n/a	MarsStealer
2024-09-26	n/a	exe	7d5a67cf4047faff0c3fd6eb410c23c6afacbc44c2f32d0ebd7b035fa6714eb4	n/a	MarsStealer
2024-09-26	n/a	exe	e6dc69dd2c58c510a8a10593b4fbd5e9a4573fa2dcdf178c292e8b1fb7a13795	46.58%	Stealc
2024-09-26	n/a	exe	2bfddbcb4dd663dbbb2cddabfccbbc2b6ed0448d905cce62909d246d42c1dc35	n/a	Stealc
2024-09-26	n/a	exe	426d73fc31493d322dc896deb7c74422e71fec5a86d5d0c56ab8c566611d4f45	n/a	MarsStealer
2024-09-26	n/a	exe	eb7af749ceda801b4f1635b1ce215a6b7a0f3d6c8703bef9dfa0b46f09f40502	n/a	MarsStealer
2024-09-25	n/a	exe	71dc3327500da80337a73deb8b4161ae844864aeb0985c4c8e058fb2ebac9b93	42.47%	MarsStealer
2024-09-25	n/a	exe	28935c58ba9ff7db26ce5ef94c602b44cf699ef60c8baa457aa8ead7285305a2	n/a	Stealc
2024-09-25	n/a	exe	c0bf32c831d7fadff2f43eca5c168429c2a6c242593fb34112f0c8a4d3fdaa4b	40.28%	MarsStealer
2024-09-25	n/a	exe	d484e17161904927d7107a56782ff86758fce697845a6401b3e4fa443c2dc606	n/a	Stealc
2024-09-25	n/a	exe	76198db64bf16862b47203d12c9b9e3db2474b148cc79030a693a8dc281c1ccb	39.73%	Stealc
2024-09-25	n/a	exe	4b93e08a3c9ca740bf1f6a30799b03a5c143a28e7cff40f8818493fde72ab09b	n/a	Stealc
2024-09-25	n/a	exe	2cef6d9917bbccdc5ffffbf7b687da70e673f3a5dc6923c715e4fc50e0115e17	37.50%	Stealc
2024-09-25	n/a	exe	4f363d41d1e54162264275eb262685aa6508af2edfb2af7a1b1b95034ffa63ee	n/a	Stealc
2024-09-25	n/a	exe	040a58a233ddf5f6bf49e3b5bd4a4fe5d8ae1d764e698b446ca08776863aafc4	39.73%	Stealc
2024-09-24	n/a	exe	5dea0d7ca0ceda1a20692bb09d5809b654729f6e790a29be3cd85366e361641c	38.36%	Stealc
2024-09-24	n/a	exe	63888d07d219d3fe6b89855563ded00621f1673a6b3917a2d0d8aff912787bc3	n/a	Stealc
2024-09-24	n/a	exe	4e9e14031814f3357e673fa0b0ef3cde470d76e7fcec9f2458983d5cadca4ee5	45.21%	Stealc
2024-09-24	n/a	exe	4a96cce33828b7795e1d16e28b8ee86dd1b8356d9fc6e12620cf082abd70dc4f	57.53%	Amadey
2024-09-24	n/a	exe	bec500c67d3108d2e3b302f69c618a296ff09d355a0efd2a3a5681b9e0870616	n/a	Stealc
2024-09-24	n/a	exe	d1dc3eca3c7794fee2ef250e63d99101aaae555751ab83eefa9f8952a7f2c7d9	40.30%	MarsStealer
2024-09-24	n/a	exe	c953d3a9a89733c5bb65a6baa17fb2b92858318dd5b7473f76a432b6f78312ca	n/a	Amadey
2024-09-22	n/a	exe	b8068b7ed8178038b7ca45255c1b6aaa28a5de77c2568568623c5356a4be98e6	n/a	Stealc
2024-09-22	n/a	exe	4d155cbb949bb003af499e7044780760088466a4f1b222579529b938f4bf3617	n/a	Amadey
2024-09-22	n/a	exe	b0b3fbb7e6d578da227df469ee4104d4beeeef07cf0aa969da85ddf73b59f045	n/a	Amadey
2024-09-22	n/a	exe	54792cffb279a9bd7822595556848d6f2b9d832dd295b2485f4ef72aaf5c3bd8	47.95%	Amadey
2024-09-22	n/a	exe	2d5fc696737dcd3f0b0b6b9c167bf9d546b02941c5a971962aec5e3ee954f6fb	n/a	Amadey
2024-09-22	n/a	exe	e58c549481e605cbed39fc4b9bb7250aad77da566d5a84733875e3c6cbcd6896	n/a	Amadey
2024-09-22	n/a	exe	9f38bf3e3e08f8eb68f752246bb01853ff26f1127e07eb7b4561f09db7184167	n/a	Amadey
2024-09-22	n/a	exe	83a230c3297cef0bba8647992409cba4c228e0221def6c651c9bea434a96ef26	n/a	Amadey
2024-09-22	n/a	exe	ae4065e59600b8a77c81a4273983c8ec1a56b7934835065c398c5f44e6608cff	n/a	Amadey
2024-09-22	n/a	exe	4b8388f9eb1348823bd0a6c77a29bce694c7fe2579f16ab83fd07ed6bc4c37b1	n/a	Amadey
2024-09-22	n/a	exe	7fad1d5bf3c2d3837f16a6fdf5f5be2af4bcdb2033d4b5124746f642affa00ae	44.44%	Stealc
2024-09-21	n/a	exe	1996a7a79e6ce7906689e931fcd89febd9be1f6d4abe18a9116a5c3425fd5891	n/a	MarsStealer
2024-09-21	n/a	exe	c3b324d0b36b98ea3cd50498ed0c5b5b850b80a1521d8898626d736375977ec1	47.95%	Stealc
2024-09-21	n/a	exe	9c13d9a449fa5fbc115dc21ac0f8854fc68790685f6cf88e697692d1c6a8117a	n/a	Stealc
2024-09-21	n/a	exe	79851f3214de840ea9fb18ecb3b104bd2bcba48c63054fccc21040c967c923cb	47.95%	MarsStealer
2024-09-21	n/a	exe	777a54bfc70de07fee25e9f2d527a242fb7681f6e86231811f69f030ab00c961	n/a	Stealc