URLhaus Database

You are currently viewing the URLhaus database entry for http://185.215.113.209/inc/postbox.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3338015
URL:	http://185.215.113.209/inc/postbox.exe
URL Status:	Offline
Host:	185.215.113.209
Date added:	2024-12-09 08:14:42 UTC
Last online:	2025-04-28 10:XX:XX UTC
Threat:	Malware download
Reporter:	abus3reports
Abuse complaint sent (?):	Yes (2024-12-09 08:15:22 UTC to automatic-abuse{at}eliteteam[dot]to)
Takedown time:	4 months, 20 days, 2 hours, 23 minutes (down since 2025-04-28 10:38:29 UTC)
Tags:	185.215.113.16 LummaStealer Sliver

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2025-04-14	postbox.exe	exe	b0bd1fbeee532c42edc0af63a00cbc99ff7ac4628dd57a39dbefba8c17b2e1d4	n/a
2025-04-06	postbox.exe	exe	902eb83ff296365b07605770ba26668bc411a114b9aff76392bcac5b18887777	n/a
2025-04-04	postbox.exe	exe	cd5140e2de5347e0263c72788434b4f08d2d86cc060a2567ae1850e294f441de	n/a
2025-03-31	n/a	exe	00759393dd12291ce10922d696f1d52922b78eed62a4de5be091c38e59d434f1	n/a
2025-03-27	n/a	exe	bf063515891273c765918fe3253de190567388209107106d9084efbc589c8865	n/a
2025-03-15	n/a	exe	6146a73df1efb6aa3d9fd8dd4f535e9eab0f6d12acff10ad962a401acf24f96c	n/a
2025-02-28	n/a	exe	63f8a9cf15e8eb6ed9bcb466ff98ec991ca14e12225d8529d470727162b0540b	n/a
2025-01-28	n/a	exe	72c193380d379eea30f8bce715d208c440146a0efc24be8707085b44d981ecba	n/a
2025-01-28	n/a	exe	f45bbf250f39c61787c9ddb1e499bfd3a272bc55838dcb9dafd49f68353a4c75	n/a
2025-01-27	n/a	exe	ce7aaeb370cf1a881a4e0311e76f9403f9cf8bb3bf0a2f3478dc9922275677c4	n/a
2025-01-25	n/a	exe	3a73dfda4591d20fd7da24678bfa4f7d5123a0fbede23d8c02fcb558ca27a2aa	n/a
2025-01-25	n/a	exe	3147e05549d2034c3c824c79ccb61eb2bee9f8dca4b4e42ecc30e47efa63f294	n/a
2025-01-10	n/a	exe	bda9da305bf0dc41e58ac75bcea73920cca0b7b479f9ac75831e38819d8470f9	n/a
2025-01-10	n/a	exe	ae439b2a33f32668bca14217010a6b863482070e6f3a15ddbe0b825a7db9de57	n/a
2024-12-30	n/a	exe	443bbaca4191bd61493a77cc033f0879d4e1ad8c3cfcfcfb11be546f5176df03	n/a
2024-12-25	n/a	exe	e4569a594f5901d0817956fdee290b38e488d6caaf47848648b10c07c12206cb	n/a	Sliver
2024-12-22	n/a	exe	bb8e116358583fd0a8b9658837d0c9bc9501e9860be9febb9a97d91f3ebc4c52	n/a	Sliver
2024-12-20	n/a	exe	224072771565b9b975b600335ca0db8a146480edcfc2d2f77911776ea1ae5c15	n/a
2024-12-18	n/a	exe	2f0e92e52cea86e748290ebe817eb8fe45e94166d743e09a9482194cf72cf1a7	n/a
2024-12-10	n/a	exe	ffc5aa1770ce1da1dad67760e7b342eb0a033a66e3379ba167928bdd22b3305e	n/a	Sliver
2024-12-09	n/a	exe	54092d2fb30f9258ab9817de3b886997dbefdee2963b4d051b70c0309aea99e6	72.00%	LummaStealer