URLhaus Database

You are currently viewing the URLhaus database entry for http://males.mugutu.com/ldms/9dd06d870941.exe#d15, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 3218081
URL: http://males.mugutu.com/ldms/9dd06d870941.exe#d15
URL Status: Offline
Host: males.mugutu.com
Date added: 2024-10-06 20:31:06 UTC
Last online: 2024-10-09 13:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Status unknown
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Bitsight
Abuse complaint sent: Yes (2024-10-06 20:32:09 UTC to karina-rashkovska{at}ukr[dot]net)
Takedown time: 2 days, 17 hours, 6 minutes Poor (down since 2024-10-09 13:38:21 UTC)
Tags: dropped-by-PrivateLoader LummaStealer Stealc Vidar link

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
