URLhaus Database

You are currently viewing the URLhaus database entry for http://kale.amwebsolution.com/ldms/f2e7fcb20146.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3220386
URL:	http://kale.amwebsolution.com/ldms/f2e7fcb20146.exe
URL Status:	Offline
Host:	kale.amwebsolution.com
Date added:	2024-10-07 18:29:15 UTC
Last online:	2024-10-14 19:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Status unknown
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	abus3reports
Abuse complaint sent (?):	Yes (2024-10-07 18:31:11 UTC to karina-rashkovska{at}ukr[dot]net)
Takedown time:	7 days, 0 hours, 36 minutes (down since 2024-10-14 19:07:52 UTC)
Tags:	LummaStealer Stealc

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-10-09	n/a	exe	ddf3c590d0cd0bf3f871c5baa3a84e14428cecf3a929fd2c40d483e3252d45ff	30.56%	Stealc
2024-10-09	n/a	exe	0a2530e420b0eb6117f0a5c517fa2dfbe83f49823f7d6bcb847bac99c93260e2	n/a
2024-10-08	n/a	exe	3420e92e3cba09c0e22f0d50641a4a20d1b4542da6a7706496ab5e380db7dfe8	n/a
2024-10-08	n/a	exe	79dcab12fb6366fd486a8341d9001112a8bc5b56c8dc7c0e466aa406c09e212d	n/a
2024-10-08	n/a	exe	74a62ecaa883cc9a10021ef4fc7129b9f8d6b1d400a2d245e2295cfebf87f93b	n/a
2024-10-08	n/a	exe	48c1073f759732f8f5618c041fc702b6ab0c55aa2470710587ff98237ae801dc	n/a
2024-10-08	n/a	exe	4bc16c5fc21ba9d2c60e9d47d1f7e5b8d83c043f7b2707c7bf0e0d5f58be35c8	n/a
2024-10-08	n/a	exe	dcfd1ffd6098558a62e54890ddc019227f9973676712142c1dd50ba9e4996f39	n/a
2024-10-08	n/a	exe	a4b5361cda81bce7f77a089946579e55c5e7f4d3490eeb717a24b2df5046b240	n/a	LummaStealer
2024-10-08	n/a	exe	38c1660d5da12df35c15a642266247923cdc4c564e80f6d1d729f216554d991a	n/a	LummaStealer
2024-10-08	n/a	exe	3ba82a28fea9fae111b4dd28a63e7ff8ecb8a0100bfb377eb45b8a3c480c653e	n/a	LummaStealer
2024-10-07	n/a	exe	6937f18bfcc53400c0770b258f8850ab7903ad77742e8b965e50442c492974cf	n/a	LummaStealer
2024-10-07	n/a	exe	22595bd9120d6fad0bd0e8caf9700fe6ab5f2805c8903681baddb1bab83819c5	40.28%	Stealc
2024-10-07	n/a	exe	f45d355c1594350d8619dfccb3ba2c035c23b1f5e443bb6df18523d1517781b0	n/a	LummaStealer