URLhaus Database

You are currently viewing the URLhaus database entry for http://185.215.113.209/inc/Firefox.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3338017
URL: http://185.215.113.209/inc/Firefox.exe
URL Status:Offline
Host: 185.215.113.209
Date added:2024-12-09 08:14:49 UTC
Last online:2025-04-28 11:XX:XX UTC
Threat:Malware download Malware download
Reporter: abus3reports
Abuse complaint sent (?): Yes (2024-12-09 08:15:22 UTC to automatic-abuse{at}eliteteam[dot]to)
Takedown time:4 months, 20 days, 2 hours, 51 minutes Bad (down since 2025-04-28 11:07:15 UTC)
Tags:185.215.113.16 LummaStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-04-17Firefox.exeexe c89b581bcad73b257153edd67042d95a8a4222ae368c976b8d2b8b2a380adeb6n/a
2025-03-15n/aexe 3d72cf7188ca131758fd4e12ef56d73475ee50b23088c78ba317335a16ca6134n/a 
2025-03-15n/aexe 6371905a145ca8dba3134cea262264b39c0d9ec8e25905c47dfc3ffbbdb11541n/a 
2025-03-14n/aexe 70885775cf3dc518a9b0001469604ecc9c748e3c6ec02915dd814c6eab9e0991n/a 
2025-02-28n/aexe c84ab3d1f49868b3eb3a6f20c4b1d20b48cd1a0cb508030386bf5f9a3671e0cfn/a 
2025-01-24n/aexe 42c37a73a53e9ba724809193e11023da05203c47c5cfe9282a541f907e51781cn/a 
2025-01-16n/aexe 0a6447e1862faf41e8f9ffb4f4456b65ee329fab0681f1deac020064ae2b7e73n/a 
2025-01-06n/aexe 494ce738c105f7c9cb2fd084603d5b8a9ba203248ff462957fc2ef218e2e0e36n/a 
2024-12-10n/aexe eacc4833a0d26ecf72220b635be266dc96407b3b93c49f1ea93321d702cbeaf2n/a 
2024-12-09n/aexe 9edbe8d6aee72e51c4d49d259faf757c71470e2036cb72d151d19512fbb0ddceVirustotal results 59.15%LummaStealer