URLhaus Database

You are currently viewing the URLhaus database entry for http://proxy.siteterbaru.xyz/css/0a839761915d.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3229720
URL:	http://proxy.siteterbaru.xyz/css/0a839761915d.exe
URL Status:	Offline
Host:	proxy.siteterbaru.xyz
Date added:	2024-10-11 07:12:12 UTC
Last online:	2024-10-13 14:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	vxvault
Abuse complaint sent (?):	Yes (2024-10-11 07:13:09 UTC to karina-rashkovska{at}ukr[dot]net)
Takedown time:	2 days, 7 hours, 29 minutes (down since 2024-10-13 14:42:35 UTC)
Tags:	exe LummaStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-10-13	n/a	exe	df708669748da15221b332a5333132c5d04adf1d1efcd2c0f01092fadaf87507	n/a	LummaStealer
2024-10-13	n/a	exe	8f335aff05e40168ba8b64781bbb5c6e6458e97811e6a6482500fe5e0c1d165d	n/a
2024-10-12	n/a	exe	fc190ddc114895e0de12c38135eebb56bcd664b78c2294d9a83bdb1c3c999c82	n/a
2024-10-12	n/a	exe	63d5481923993c1e291ef5b4455c4ba887cf9e6cc66ec85a1aa8d284ee2aa353	n/a
2024-10-12	n/a	exe	88461493960823df7a8c58d62026a2bda1206ef2f30c4fe1af2b4d2b2042e5e3	n/a
2024-10-12	n/a	exe	9f3bc1182dee3e90273eab3d7eaf8859255a54c08c470e002618c8767cc99e8b	n/a
2024-10-12	n/a	exe	5eca8c06c642d5a5f894f5b990990c95c2d67233bd5a7ee52ad98d3128cc959b	n/a
2024-10-12	n/a	exe	8ff4aa0b5b0bd79e00f0860db226e479c4fe60fa1d64135937b650d2df00c82e	n/a	LummaStealer
2024-10-12	n/a	exe	692e18c98744aabc11616f6005b808a35733d232bb2f328502fb83c2038b869a	n/a	LummaStealer
2024-10-12	n/a	exe	b1e6701083e5995a6f9be508fcb8f3e076373f8e26d55d954566d13a0094d3d9	31.34%	LummaStealer
2024-10-12	n/a	exe	daf81bf83d4a888fb8e6f82b3d046ba08f3dd56b28335d3a649db48004942995	n/a	LummaStealer
2024-10-12	n/a	exe	35d22e2fa64556f16adccbec55e29a3d01973554bf54d1df949de71cccf5756f	n/a	LummaStealer
2024-10-12	n/a	exe	c24bf3b3469ad24aaaa6ed50c74c261063e640557b9e6cdc14e70194238e023f	n/a	LummaStealer
2024-10-11	n/a	exe	0a99c9efcf635e7fc0804e86009e2f8054ef01315127186be578823bcd4f14c7	n/a	LummaStealer
2024-10-11	n/a	exe	ceb13e9621a114655dbb06a2a16e710d70adc450fdaa778a0166516c17037c44	n/a	LummaStealer
2024-10-11	n/a	exe	1e4f778802a5828eaede5d79f301f27ef14ae074058e36ef6d9e2509426c17fb	n/a	LummaStealer
2024-10-11	n/a	exe	81908c738fa6e446c2821e374d63eee54b1660d0b957997fb4f9a469a190674b	21.92%	LummaStealer
2024-10-11	n/a	exe	a1475ad37becc7ad3be5f6c7d7e2bfb24988d1fd4ee1cff65674346162b3f27d	n/a
2024-10-11	n/a	exe	9534c98b290d9b58477b59ca2ee4aad8c617ce3bb769435b400fea796e0c6806	n/a
2024-10-11	n/a	exe	e5c21e6655572c8096cd0b5dbcce06fc1ca273ef0823093f9253ebc032dbcfe9	n/a	LummaStealer