URLhaus Database

You are currently viewing the URLhaus database entry for http://185.156.72.2/files/5296057416/Fv6kVbJ.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3570092
URL:	http://185.156.72.2/files/5296057416/Fv6kVbJ.exe
URL Status:	Offline
Host:	185.156.72.2
Date added:	2025-06-25 10:27:06 UTC
Last online:	2025-07-02 17:XX:XX UTC
Threat:	Malware download
Reporter:	c2hunter
Abuse complaint sent (?):	Yes (2025-06-25 10:28:11 UTC to erishennya[dot]res{at}gmail[dot]com)
Takedown time:	7 days, 6 hours, 33 minutes (down since 2025-07-02 17:01:49 UTC)
Tags:	c2-monitor-auto dropped-by-amadey Stealc

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2025-07-01	Fv6kVbJ.exe	exe	bd395f3593a9c3b08e2d61ad6fe8d3bf43238d918ba14178b5b75d045cb0eec1	n/a	Stealc
2025-07-01	Fv6kVbJ.exe	exe	6189743146bf1bf6b36c310089f4c0d2ce29fafc3f7e25f7285d3db7dd61cf43	n/a	Stealc
2025-06-30	Fv6kVbJ.exe	exe	78e56880a9bd595111ec77f722ceecb0a0dc858387f7cc33905f2ef6d01fd130	n/a	Stealc
2025-06-29	Fv6kVbJ.exe	exe	e56ba8358cba13612431301891da92e7478acf1e186c03badd80c5068e7f1dff	n/a	Stealc
2025-06-28	Fv6kVbJ.exe	exe	34972a4422d8d204120584f01a4806ad259ca925aec41d4fbd8dac0d0306efa5	n/a	Stealc
2025-06-28	Fv6kVbJ.exe	exe	752740499762f5b28d87c3ddb534c047aa9e8e0a179b7698c30b9ac8146577cf	n/a	Stealc
2025-06-27	Fv6kVbJ.exe	exe	c3b72389eba306e58381b4a62bce1d04e1071664dc2ec106e06e59a32fb4e54f	34.72%	Stealc
2025-06-26	Fv6kVbJ.exe	exe	dfc1b5205901c803bbc4a80a3668feab6465c1c0eeb891d760381404c9c6ddee	n/a	Stealc
2025-06-25	Fv6kVbJ.exe	exe	4c157555fd7e61dbf6609613e387591fd254724415105e0f205ed58fd1b32a79	n/a	Stealc
2025-06-25	Fv6kVbJ.exe	exe	5a612f4d19e0af69b7f78a88c8b5c485e574a10d2831692d40db8575a3273faa	48.61%	Stealc