URLhaus Database

You are currently viewing the URLhaus database entry for http://proxy.amazonscouts.com/ldms/7f3c2473d1e6.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3223694
URL: http://proxy.amazonscouts.com/ldms/7f3c2473d1e6.exe
URL Status:Offline
Host: proxy.amazonscouts.com
Date added:2024-10-07 19:15:07 UTC
Last online:2024-10-12 19:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Status unknown
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: abus3reports
Abuse complaint sent (?): Yes (2024-10-07 19:16:11 UTC to karina-rashkovska{at}ukr[dot]net)
Takedown time:5 days, 0 hours, 15 minutes Bad (down since 2024-10-12 19:32:07 UTC)
Tags:LummaStealer Vidar link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2024-10-09n/aexe 53e0a2da42ca576d96a70ce70f1b1817230456a4e66e6ae58ed4167c260be391n/a 
2024-10-09n/aexe c016811153487b102729ab7a91d93b9663b024d8634cb3b0245a6189c7470e60n/a 
2024-10-09n/aexe dba50cf9e35f2d7b0dd925e85ee36dda346f9396ce883bd7e9b3e44bac8d79a1n/a 
2024-10-08n/aexe 0783750670789c42fbaf67d7c8035743d1047ecc2929f1bcdfe6cac51453f709n/a 
2024-10-08n/aexe 0ab373bebeb1ad02c95c0517983a6c5e0d61a781548f9542101088cebfd328aen/a 
2024-10-08n/aexe a4912840dc1b7230bfd9c89631995da481d23039e0b55905657d5f312bc48a2en/a 
2024-10-08n/aexe e1f6dec156086574076959eb94af6cad8ed9e335ede720e574170819bc6c6278n/a 
2024-10-08n/aexe 2c90b8d93d2a2cdfcbc024099dc866acd34a89c1f4aa597c4f21ab2061a5e2b2n/a LummaStealer
2024-10-08n/aexe 1100ba2f137086b71194c857ae3aac8e41049dd053eed3907cc4a994339ae46an/a LummaStealer
2024-10-08n/aexe 9fd632a5a857337a3c2cc53a566348b1316af37c9f59f9ed18394a54d916a54dn/a LummaStealer
2024-10-07n/aexe d6a1efbe54ac13744f8f8a91ce3600d576fd5751684cb14a904291dcacdfcfc1n/a LummaStealer
2024-10-07n/aexe 0e0eef4dc62fa4388dbc40cd4d7738942abba54bd6808fb6ebb4926d4c0de390Virustotal results 23.61%Vidar