URLhaus Database

You are currently viewing the URLhaus database entry for http://hans.uniformeslaamistad.com/ldms/04a4f32fae41.exe#d16 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3209563
URL: http://hans.uniformeslaamistad.com/ldms/04a4f32fae41.exe#d16
URL Status:Offline
Host: hans.uniformeslaamistad.com
Date added:2024-10-04 08:20:09 UTC
Last online:2024-10-12 20:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Bitsight
Abuse complaint sent (?): Yes (2024-10-04 08:21:10 UTC to karina-rashkovska{at}ukr[dot]net)
Takedown time:8 days, 12 hours, 16 minutes Bad (down since 2024-10-12 20:37:13 UTC)
Tags:dropped-by-PrivateLoader LummaStealer Stealc Vidar link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2024-10-09n/aexe 48c9e1cce6868ed1f46051b8898643c59545185e16600f15bd54ce86a74f766aVirustotal results 30.56% 
2024-10-09n/aexe 6091ed0ebef8b9521789423353b160e92490b4aaf0210d2f662f6cddecd60bdfn/a 
2024-10-09n/aexe d82e874080e57c1fc7adec4e76df8cf71d72bad959070b0bf717e707ad3a209cn/a 
2024-10-09n/aexe 59eb156c40a5708be145afd4ad609a76064a0f6ec5d883af64d133d3d7726566n/a 
2024-10-08n/aexe bbfe361a90489fa7a5e7bb26e8b258046fb54d27c3dc2e793fc940404588ff10n/a 
2024-10-08n/aexe 162b6ed1a900345d19b2be2845612e693148ac8eeba395c92cce1d0dd46e6027n/a 
2024-10-08n/aexe 98819136332690c3a6755cda33d056be9d713346d7317b70a2bcdb2f68c5f90fn/a 
2024-10-08n/aexe fedc791647e435252f93b5fd03af2c8f13569757b9263aef1c6e5a5052b7c848n/a LummaStealer
2024-10-08n/aexe a15e56a6de648104ae86905a0c55915cb744ddb5854993c9734642fb8c256b03n/a LummaStealer
2024-10-08n/aexe 1aa4d5cb4a762827d5def56f9bee1a983e5a2f0b03ca51c8fa23bc01dc044f40n/a LummaStealer
2024-10-08n/aexe 2f2c13a8d15880f1b8c5445f4fb93280749fd126ca25075001a3f70b1075c22en/a LummaStealer
2024-10-08n/aexe 5a99fc14e5814146ccb779d8919cdea49044575153a14a1507f6824704624265n/a LummaStealer
2024-10-08n/aexe bc42eefde4c02237fe30e73c6ba8cfcc24efe3fa0728a6552ffb71c5fefc4850n/a LummaStealer
2024-10-07n/aexe 50c6f81caeb1d10861cc18552340a8bacd440a6777d900c00d5bef3d8d402b1fn/a LummaStealer
2024-10-07n/aexe 669520f903f4178a0b5365327369eab98a3e595dddcf1164324beeae8fca8b0cn/a LummaStealer
2024-10-07n/aexe f3f43fb9e2530f414ed78fd4722853cec81de70e82b83eccab80f1e100dec157n/a LummaStealer
2024-10-07n/aexe 09fe3a5ee3b3fa9ac60aabd0b23263844c3cad51196e3a256ffd25340ebfb404n/a LummaStealer
2024-10-07n/aexe df3f1879106ed6462f206a766c4cd2a3b67256e9c42c85003b486b7151830daan/a Stealc
2024-10-07n/aexe cb5df87530d0a5475b11bafea977abf756f1a791793116b8f94a247467ff6077n/a Stealc
2024-10-07n/aexe a7ffb81a5b82b4a7ed21109ed43f4f9cae0ea58ef5316b0f1e4193222766e3a8n/a Stealc
2024-10-07n/aexe 0c9188a82094a22ccd650f4035d3c39aadc4ce8d8f205516ac5348d0e24a0350n/a Stealc
2024-10-07n/aexe 1bf569fa9c438a489c59a9d6a3986e43242bbbfbd62c04e871b579e6c4ab50e9n/a Stealc
2024-10-07n/aexe 6a75883103f5db0ce538c52fb1be6388be2729962cbd4dadd782794560b59d33n/a Stealc
2024-10-07n/aexe 931ac54db53c787f4138e73535db1664fc22cfbd9957b53d4c5135bc8a0dabd5n/aStealc
2024-10-06n/aexe 3fcdf71c27da4e13b3b399eaf029cba9434be625de3859a898509ccb9b95387dn/a Stealc
2024-10-06n/aexe 26704b102b13f5cf658233ce18a1360d3d58aa60d72b7568c1163ac587f2edc5n/a Stealc
2024-10-06n/aexe 161200859dd96cbe6aaff090417e445ce89b99d40857b9e3c3f86b9609513c03n/a Stealc
2024-10-06n/aexe e85dbbb6d160af67841d8cef7f16882619b566c5b5c7fe8557b334fff047b661n/a Vidar
2024-10-06n/aexe 20a883f2d906dd69764dcec1e43c8220e968b18ef544687418126c3d5f35ad88n/a Vidar
2024-10-06n/aexe edc84044f8c15d26ea259fe07dacae7364214a0299d85efefb494cc7918f9c1dn/a Vidar
2024-10-06n/aexe 615539d05f8024a222fb9082ef4cc72dd496a4d016bc56ff053b6842c12a2f4dn/a Vidar
2024-10-06n/aexe ee4beae6737cf80ee6aa1c3df61859f6b03e49fb492e962c46ed23ad1e91d612n/a Vidar
2024-10-05n/aexe 02141916f0fa91504408c85f6913da2608ae77177a4af0fccda3098b5d1efa50n/a Vidar
2024-10-05n/aexe 723249549b2d9cd77bca922fa35ed9efbd7c4dfdfb9267b67a29a53047940728n/a Vidar
2024-10-05n/aexe 716aba298aea66814492a57772b8a6cd0f42c8b6b764502a7e5769266d6ede77n/a Vidar
2024-10-05n/aexe d687aaff5f17b9fc8f993a7d7d21e16d10dd9626eb83d2a4ab1621702a5651ddn/a Vidar
2024-10-05n/aexe 02bbd4e1a3ec1893c6e07346d0066940238d35843fa2b2590da94dc2d7bac02cn/a Vidar
2024-10-05n/aexe e45dcf7163f11fe683793f8083790bd1b8f872969cc7fe557accad3442ebe5f4n/a Vidar
2024-10-05n/aexe 422aa459ae8e47e6138e06bf2b886084ce73b2227e02a7aa340ba86866ff1da8n/a Vidar
2024-10-05n/aexe 7aaee2d58d5c005c948efd62dd42907e05b6e95748e6b8342d7ef2c0e085c746n/a Vidar
2024-10-04n/aexe 87f0d344c75ab666d79b28867a40058cd5d7c1782ea61c9d23f1479e992b1661n/a Vidar
2024-10-04n/aexe fc2a4d4fef374433c25f88a833a683218575fd9e924ddb7a6b867f82145dd6a1n/a Vidar
2024-10-04n/aexe 22148fb016ed09214857719fc3e14aac6656add8adb1454089de46f77b716105Virustotal results 40.28% 
2024-10-04n/aexe 19cdcc294ac181ab52886db73a44505f851f845c9e7d512dc632a2e42fce7b57n/a Vidar
2024-10-04n/aexe 3ecb981d97636719b5c30d440a4675d4f8a4b151eea569596c3c4cbe0aa6b397n/a Vidar
2024-10-04n/aexe 1d5af11e3098978f839dcb388ade23cb83fbd783ae91ed60eed137d646d9a8dbn/a Vidar
2024-10-04n/aexe e2adb4972d92042b73a52b6c69b1ead44a797e721130883fe3662b810ed6fed2n/a Vidar
2024-10-04n/aexe d4a5e8c61f9584b8556d56eeb61c1542b7f693d4b6730d5a9735e2b9e2a62905Virustotal results 30.56% Vidar
2024-10-04n/aexe a2e074e36c51f11ec8b4a52a52a5de439093f5f90326be0c30b84b51e57d00efn/a Vidar
2024-10-04n/aexe 2ffef01bdc9bae49a79e618e8300421e0bb8aa08b2d0c81fbea2b76d12c49375n/aVidar