URLhaus Database

You are currently viewing the URLhaus database entry for http://185.215.113.97/files/fate/random.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3439519
URL:	http://185.215.113.97/files/fate/random.exe
URL Status:	Offline
Host:	185.215.113.97
Date added:	2025-02-14 15:31:05 UTC
Last online:	2025-02-25 17:XX:XX UTC
Threat:	Malware download
Reporter:	Riordz
Abuse complaint sent (?):	Yes (2025-02-14 15:32:05 UTC to automatic-abuse{at}eliteteam[dot]to)
Takedown time:	11 days, 2 hours, 15 minutes (down since 2025-02-25 17:47:25 UTC)
Tags:	exe LummaStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2025-02-22	n/a	exe	5654aa0407c06a1dd21ad9c169b082683297b32a967bbd5cef28bb935f1885c7	39.47%
2025-02-20	n/a	exe	0049db5a9a2e97c4878b2c2185c88ed3c27336b244e8232558bc4d25e6579a90	n/a
2025-02-18	n/a	exe	906bba1ebdb3cb9cc5840fda24e9c0c9147e779e1ecf479910d04b6ef5588bd1	n/a
2025-02-17	n/a	exe	713e92e6b5f368bb1208f55f80a3353f8ffa25a97f914fad517032bf923782c9	n/a
2025-02-16	n/a	exe	6c10468ad2fc3e51d3599df5d43b2a06f0781a6594f4119a8bb9b4495aaa76ec	45.83%	LummaStealer
2025-02-14	n/a	exe	268ab7cd89f77eb147718766428f4ea5dd4e54af254fd9b8892e95a0c5d9597f	n/a	LummaStealer