URLhaus Database

You are currently viewing the URLhaus database entry for http://31.41.244.11/tura/niko.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3205947
URL:	http://31.41.244.11/tura/niko.exe
URL Status:	Offline
Host:	31.41.244.11
Date added:	2024-10-03 01:25:09 UTC
Last online:	2024-10-06 14:XX:XX UTC
Threat:	Malware download
Reporter:	Bitsight
Abuse complaint sent (?):	Yes (2024-10-03 01:26:09 UTC to dl{at}redbytes[dot]ru)
Takedown time:	3 days, 13 hours, 7 minutes (down since 2024-10-06 14:33:26 UTC)
Tags:	Amadey dropped-by-PrivateLoader LummaStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-10-06	n/a	exe	edc4cecc706b346cb826c4cf84f94b7d1cd918bd084841736a279bd434ba2b17	n/a	Amadey
2024-10-06	n/a	exe	16d7f4957e4fbe07e8fe1cd57e83496ebf572ec0d3bae2931ceb314b515d18f1	55.56%	Amadey
2024-10-06	n/a	exe	92b360b9f25aa2f599011d1d83877fef994eb17113fd653e63a02cf2e067059b	n/a	Amadey
2024-10-06	n/a	exe	bdeea4df26f96beb54d885f8e0f5171abb5d6a3180f123e715ba1c829ff3b92a	n/a	Amadey
2024-10-06	n/a	exe	2d67fa613399a5575cf7d08f0c19fe8b76713e15f6487a0e172e34ceb78cede2	n/a	Amadey
2024-10-06	n/a	exe	4746dcb12c46dc12cdfff5edf16d6829bd544bffb1f7d60f7424783c73fc2513	n/a	Amadey
2024-10-06	n/a	exe	f494451254ca17346f3d393d42c147f79e977a0d4b4f7625c3744c58cbbf268a	n/a	Amadey
2024-10-05	n/a	exe	27b09bf2dd3b6545dd7cbd0817c24c60bb9111aebc4e6af76691f91556c213dd	54.17%	Amadey
2024-10-05	n/a	exe	097daacfea7a631baaf75ae51976b85dc74ed3548bb9be57e6976cb4b65f9de6	n/a	Amadey
2024-10-05	n/a	exe	6ca5880703677761658116018020b34930074065ee899f1482b707c42ab35666	n/a	LummaStealer
2024-10-05	n/a	exe	7338e572d2ec7f42b77315c3c159c9fa9b2ee71999af15a12bed97d85627028d	n/a	Amadey
2024-10-05	n/a	exe	621864357892326ea60042a4dc66c7c8390b35b2151ab2c642d5733f160db43a	n/a	Amadey
2024-10-05	n/a	exe	29460f04d8b6813b77d32ba4220fc057eab21895cdb635fca254541506e0da9d	n/a	Amadey
2024-10-05	n/a	exe	bcab931891fdd64fad1c6c2db4a71cd43085494cb7b02274894d8529be05a66b	n/a	Amadey
2024-10-05	n/a	exe	c60f03c1aa7dfedc9655aa06796abd3f6621dfdd2975db1e23f273574392ea83	n/a	Amadey
2024-10-05	n/a	exe	0c0db44d26ba6a1781dbd7b81ce35a751f54cb64fb8691806ffb1fb6b7487674	n/a	Amadey
2024-10-05	n/a	exe	b601f5de57fdb969b5891e6b3e1fb39bc3b8b19c40e5608d387b61c06d937c88	n/a	Amadey
2024-10-05	n/a	exe	564f751cd22e012b53fc97938a7ada2f5ef769e56713b3eca916cc7ddb05fd57	n/a	Amadey
2024-10-04	n/a	exe	d2cbab426619ea4437d8cf9c40a8ebdec8a33fb47f1ad444988d8b66686c9d3e	59.72%	Amadey
2024-10-04	n/a	exe	29a4d509f4ce69d657695ee29a9099449fa82d86829a343fd078d9fe012eee37	n/a	Amadey
2024-10-04	n/a	exe	822b65f1fcdb9164bd340c35103411b811eae238b300c585bcd4721f330e4b82	n/a	Amadey
2024-10-04	n/a	exe	f78a5d3716dcf0b473feec0ad2e0cc8b8bd98f94e06d902ac82bc0ddcceb8b61	n/a	Amadey
2024-10-04	n/a	exe	2c9bd8f07ae20ed82daa5cc56579b87a2e74a16ce12abc8fdd7118cde5689c4e	61.76%	Amadey
2024-10-04	n/a	exe	30ce80cadf04ae5d57ac660f6fd1d17913502b5d4a71ac7a78f754bb695df254	n/a
2024-10-04	n/a	exe	6f7af9607a4736c807468d4b1354124f2029b1478e0b08af90bbe94bccc7e826	n/a	Amadey
2024-10-04	n/a	exe	df708393485e8788787e6292ecef020928ecea7dcde2c5bca9e9868834d2b136	n/a	Amadey
2024-10-04	n/a	exe	41bdf59efc1b3f896d0ccd11b5f1326b1fd74371d42a0b748b354c50abe8ce00	n/a	Amadey
2024-10-04	n/a	exe	f16a08f237ceab9ae7c5d281c97e5bf7602484e0886384804b8e3912c4ab7d94	49.30%	Amadey
2024-10-03	n/a	exe	a7a72700a6016d8667f88810de38b543711a784033db85dd43b26c4936917c2e	56.94%	Amadey
2024-10-03	n/a	exe	2b9a77201b04ffe46e2927d91c390fa0d69153cfa95a4f87765c3c40100fd1e6	n/a	Amadey
2024-10-03	n/a	exe	62efbcb39b3a11652bec4357241dfbe099eb91ee56d6856a531ce7c29c2eb002	55.56%	Amadey
2024-10-03	n/a	exe	aac3f06ed5557c43201e378292028e7e4dea7802cce020cf7bfec26f8e57dee3	55.56%	Amadey
2024-10-03	n/a	exe	45db73cdac73c20ac15510b593273d18a9359fd4bf448ae9a56d2f966e178ce2	n/a	Amadey
2024-10-03	n/a	exe	4c6c74a34118a3207b6720664620c304c535f627bf891b43cfe0b7f7f83b04b4	n/a	Amadey
2024-10-03	n/a	exe	b24587f93e2c5d8ea3cebc2c265df906fcf979f9d8a77a0d9276514c14adb815	56.94%	Amadey
2024-10-03	n/a	exe	c0cfa9b5e4a52c7a788fe0855343e397530fd2a6c05d7b07799779a80b9128c0	n/a	Amadey
2024-10-03	n/a	exe	7812f506aaf981a74ca9c824835bc35e8a3ccebe5afd08eabab2da458576bc32	n/a	Amadey
2024-10-03	n/a	exe	d197066ae68ab7f2c02cfb7aa6e0655e04748301047a71a5140a7ba64e04d89f	58.33%	Amadey
2024-10-03	n/a	exe	1a6fc3b2bda9a9615ec0f20492bd75257b41581e9ccef8d2c04f26642d985632	59.72%	Amadey