URLhaus Database

You are currently viewing the URLhaus database entry for http://males.mugutu.com/ldms/f2e7fcb20146.exe#sp_sl which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3216297
URL:	http://males.mugutu.com/ldms/f2e7fcb20146.exe#sp_sl
URL Status:	Offline
Host:	males.mugutu.com
Date added:	2024-10-06 12:46:07 UTC
Last online:	2024-10-09 13:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Status unknown
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Bitsight
Abuse complaint sent (?):	Yes (2024-10-06 12:47:08 UTC to karina-rashkovska{at}ukr[dot]net)
Takedown time:	3 days, 1 hours, 8 minutes (down since 2024-10-09 13:55:08 UTC)
Tags:	dropped-by-PrivateLoader LummaStealer Stealc

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-10-09	n/a	exe	ddf3c590d0cd0bf3f871c5baa3a84e14428cecf3a929fd2c40d483e3252d45ff	30.56%	Stealc
2024-10-09	n/a	exe	3d0be4202906637bd2553570165b8ae414049e3920b217115b11a08c4ae3181a	n/a
2024-10-08	n/a	exe	f2be8662b520d214216060fabb9924d611374a312545b50980fc607666037d29	n/a
2024-10-08	n/a	exe	b528714d2c27568734a5e5e6008e08aace663453a2859cef4b77c838e992e7fd	n/a
2024-10-08	n/a	exe	59e46c48659184ef6d565efd96ac1941d524eee0cb4948d444fdef165a4c8b1b	n/a
2024-10-08	n/a	exe	dcbae6355c7cefa0c340c805cd628a0b03b63a769f2c469e62a37f67959c69f4	n/a
2024-10-08	n/a	exe	ca0692c13dae53703daa3d9e9c2e5432823c9429d4a0ca7207ee2bda6b08d79f	24.66%
2024-10-08	n/a	exe	d4e84d52e2c97c91c9b773072de7570d61c05f9da81638447f85750141581d44	n/a	LummaStealer
2024-10-08	n/a	exe	b387b9e0ac7d941eebd0dd0c2d529aa987612b522ae79d23de989d0180b960ea	n/a	LummaStealer
2024-10-08	n/a	exe	66fbc128c741b0d895e723e7ef1bc7f2a953beda60cbebf55b8f8139926d4849	50.68%	Stealc
2024-10-08	n/a	exe	3ba82a28fea9fae111b4dd28a63e7ff8ecb8a0100bfb377eb45b8a3c480c653e	n/a	LummaStealer
2024-10-08	n/a	exe	0d0973c018dcd19f8636feb053b4fdb94efd4021ecc16d1461ce60dfaf617cf9	n/a	LummaStealer
2024-10-07	n/a	exe	22595bd9120d6fad0bd0e8caf9700fe6ab5f2805c8903681baddb1bab83819c5	n/a	Stealc
2024-10-07	n/a	exe	db9af3bdd8ebd418602623c590a79be750fb2089c26130f1a8a73b56c754f030	n/a	LummaStealer
2024-10-07	n/a	exe	33105a1685207694a3de20a03c82524fe8cd7f0f19fa85ba5d88d6b4d8457660	38.89%	Stealc
2024-10-07	n/a	exe	704465dea60612c850ff0e2fd1e71a3b6066850ff62ab78810fdf1d4a411e23e	n/a	Stealc
2024-10-07	n/a	exe	3c46bbc43c9a2adce29cfd18e5655521c3219117b609a2b299dbdb469b0ed221	n/a	Stealc
2024-10-07	n/a	exe	6ec509de025e5461cc1bf0233f5c8a84799e3c83e55bcb296fdaa034c088ee6b	n/a	Stealc
2024-10-07	n/a	exe	c2b934e58ce46ec2ef25eb0d4064e3b3b7f2d3f23fd903e5a6841f9cd69d6aad	n/a	Stealc
2024-10-07	n/a	exe	565ea9e7eb503eefffc0ae116b762ccb8cac0b88185f8c070427c2e4a002871c	n/a	Stealc
2024-10-07	n/a	exe	9d0155c232643bc30619128aed2f12a37f303a323687fadb5996324a5c733c74	n/a	Stealc
2024-10-06	n/a	exe	6fda89aea72534c26fb6ece1367dc6668c32f2bb01448b9b66863725561e3237	n/a	Stealc
2024-10-06	n/a	exe	16dc2959b3ff4859cd9cf00ccdaab4c0ca299df1af4d975ac99146a859617625	n/a	Stealc
2024-10-06	n/a	exe	8b6ac011018b814d0400c1cc51d578cce3e71f76304c46dc122cd0c9ba66f381	n/a	Stealc