URLhaus Database

You are currently viewing the URLhaus database entry for http://nsdm.cumpar-auto-orice-tip.ro/ldms/9dd06d870941.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3220225
URL:	http://nsdm.cumpar-auto-orice-tip.ro/ldms/9dd06d870941.exe
URL Status:	Offline
Host:	nsdm.cumpar-auto-orice-tip.ro
Date added:	2024-10-07 18:26:02 UTC
Last online:	2024-10-09 11:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Status unknown
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	abus3reports
Abuse complaint sent (?):	Yes (2024-10-07 18:27:09 UTC to karina-rashkovska{at}ukr[dot]net)
Takedown time:	1 day, 16 hours, 44 minutes (down since 2024-10-09 11:12:07 UTC)
Tags:	LummaStealer Vidar

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-10-09	n/a	exe	743066ea0e49b30514250a6cf9a6b948448bfbcd33736f86a9ce5bfca5742dfe	32.86%
2024-10-09	n/a	exe	7fff0d19b9da6425a745dd9f902d4380edb69c2fc4a7f3d87f8e6b90c9a2fa5d	n/a
2024-10-09	n/a	exe	3295863006af2db31482e81e08bc048a1db976c138ee7a9794f2777bd361ee1a	n/a
2024-10-08	n/a	exe	a0052ada4a5148350c78277bb0afb46e874e0b44f008b6622c1dac1af7d0f3c0	n/a
2024-10-08	n/a	exe	2c7e4233bf6b94bf8b04616a983f491a252134040927a4c56674cdd22f1f894b	n/a
2024-10-08	n/a	exe	ae3a1d7a318cfa9e3041fd2b95f7e4ae2ea605c132eacb1d11429cec0d520fe5	n/a
2024-10-08	n/a	exe	3581e05352b869c4a3b1af799f38d79af832553ab45dbcac936cb7eb3675acab	n/a
2024-10-08	n/a	exe	3ffa65e3b8389ad5404f6e0592dbefdd1abbfc93da4225a77bc5f4ce471192fc	21.92%
2024-10-08	n/a	exe	59f93df8c5a2db88950e25d1c201fd30491e7340f7bcc0e791cfe157352a0383	n/a	LummaStealer
2024-10-08	n/a	exe	7a947f2289a0cb63b5dae2f4409db33fd73655f2102193b2f8b2e2bd75879bf7	n/a	LummaStealer
2024-10-08	n/a	exe	e6a68a0574ca5064824d6204631eea7f43d85f77907e31b912f805f8e14cdfd7	n/a	LummaStealer
2024-10-08	n/a	exe	f660ac58833c49dde529dd0a25ddb070b5b85c680c334ce216f4a1638e60b012	n/a	LummaStealer
2024-10-08	n/a	exe	3e9bcffa53eaeed8668e7908a9a85b3c2a67608f7c3a1ceba896a8a1f45add76	47.22%	Vidar
2024-10-07	n/a	exe	d6ac96b37f9d39b52a70026c54d6ac6507f79b2bb141d29b3975658974142044	n/a	LummaStealer
2024-10-07	n/a	exe	f9de78505c86a83088e5a02f71e0940cb7b6a5f7302b8da191755dc1d5490ad2	38.89%	LummaStealer
2024-10-07	n/a	exe	95c1d4d9870829c9fc9503cfb401c952101cf9d741d1e3f50f15164179140406	42.03%	LummaStealer