URLhaus Database

You are currently viewing the URLhaus database entry for http://193.32.176.219/shrk.bin which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3581740
URL:	http://193.32.176.219/shrk.bin
URL Status:	Offline
Host:	193.32.176.219
Date added:	2025-07-12 05:48:10 UTC
Last online:	2025-07-22 22:XX:XX UTC
Threat:	Malware download
Reporter:	aachum
Abuse complaint sent (?):	Yes (2025-07-12 05:49:20 UTC to abuse{at}globconnex[dot]com)
Takedown time:	10 days, 16 hours, 49 minutes (down since 2025-07-22 22:38:31 UTC)
Tags:	dropped-by-ACRStealer LummaStealer shark SharkStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-07-20	shrk.bin	exe	0f6dfda8af429acd0083901a927febe3c43a8e1a066645dcca1c0cc8c4d1df1a	19.44%		SharkStealer
2025-07-19	shrk.bin	exe	3fd30cbd849b5026b3b33c62c34df1aa570e7dd12e1d88f2eb27d7d57fae47ac	20.83%
2025-07-19	shrk.bin	exe	c5a2447f541dfcd5c9044962ef32d47079071ec486dc12f4b4c86ad78fbc58eb	n/a		SharkStealer
2025-07-17	shrk.bin	unknown	33096e8cbb5fcd1938db90b317fa5c6a3b37adbc30d635ba92328fbee3d024c6	n/a
2025-07-16	shrk.bin	exe	f12727864186fc323d2fd833c8acb2ddaed553ad53419cc0618fe3c5bd7d019d	n/a
2025-07-15	shrk.bin	exe	94c8939853ae7d48e63f9a58bd4864020e40b50663ad43f53856b0d2dbf8260f	n/a		SharkStealer
2025-07-14	shrk.bin	exe	c38af4b06807357d05314ee8c251f3de39234a3a7c9d1aee05863703428dca01	n/a		SharkStealer
2025-07-13	shrk.bin	exe	c803a446e81873a5a48bc48c3991a1ead32e70776057a70801aa46a9d34eb61b	26.76%		SharkStealer
2025-07-13	shrk.bin	exe	b424d54700f44d073114dfc618c4d402f9db377f813fa6e529b268fe860677fa	n/a		SharkStealer
2025-07-12	shrk.bin	exe	3d54cbbab911d09ecaec19acb292e476b0073d14e227d79919740511109d9274	61.11%		LummaStealer