URLhaus Database

You are currently viewing the URLhaus database entry for http://178.16.54.200/files/5296057416/NjtIeMV.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3619895
URL: http://178.16.54.200/files/5296057416/NjtIeMV.exe
URL Status:Offline
Host: 178.16.54.200
Date added:2025-09-08 13:57:15 UTC
Last online:2025-11-05 13:XX:XX UTC
Threat:Malware download Malware download
Reporter: c2hunter
Abuse complaint sent (?): Yes (2025-09-08 13:58:18 UTC to abuse{at}metaspinner[dot]net)
Takedown time:1 month, 27 days, 23 hours, 3 minutes Bad (down since 2025-11-05 13:01:55 UTC)
Tags:c2-monitor-auto dropped-by-amadey LummaStealer Rhadamanthys Stealc

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-09-23NjtIeMV.exeexe 54db44510d3c25894f89752c667b03e070863c5c86d15ff4c67f5f6564fb9091Virustotal results 47.89%Rhadamanthys
2025-09-23NjtIeMV.exeexe b6a19bf827f3daa9d09cce4ccb40d8f5296c35535fe3c96d007826f4aafd75c5Virustotal results 52.78% 
2025-09-22NjtIeMV.exeexe 2b55a0ee3f82adfcd74007223377be7ea2300162bf764b0644fc6fbbda51e709Virustotal results 48.61%Rhadamanthys
2025-09-20NjtIeMV.exeexe 36e0e1035885f9775f0e331707d691654bde8697a77b707098050022e1b812a6Virustotal results 14.29%
2025-09-18NjtIeMV.exeexe 6e08fc7b1a2dd760d6fa71aa021431b9348a5dbdec50b6af5aac0a8ef58fd327Virustotal results 43.06%Stealc
2025-09-17NjtIeMV.exeexe bc7be66a20af3d60ad64e90f239461847692c8bdcef8b0da1ff3a455cc048b19Virustotal results 56.94%Stealc
2025-09-14NjtIeMV.exeexe 52609ea7740d822a68c57a5451856251a4ef2ab2b25d8ca827628415efa89515Virustotal results 61.11%LummaStealer
2025-09-12NjtIeMV.exeexe 05cfc80731d47b20da51aeefa922b5c544c43aaab81c43eaf8648a5d0a52272cVirustotal results 52.78%LummaStealer
2025-09-12NjtIeMV.exeexe 0a3cc63c616fa98026a4aaef9340d59e39f038081cf55560d696cc4258d6de04Virustotal results 49.30%LummaStealer
2025-09-11NjtIeMV.exeexe 647a8901c3c62add53d7a4d4af1b5a0503355724a276a8d54d77a52dbb8d9714Virustotal results 50.00%LummaStealer
2025-09-10NjtIeMV.exeexe 0b3d7bd949969024e209b857c76fe6a809a2dc9f0f27075186a2d121ba97c11cVirustotal results 66.67%LummaStealer
2025-09-10NjtIeMV.exeexe 636f8e7a1bcf3211bc861f8238bb1ef3da27f2090abfd2762019a1a863e9b1ffVirustotal results 44.44% 
2025-09-09NjtIeMV.exeexe cc5b2bf704b333bad115a0c656c065ae8b04eb15999e6f1e3c1ea9368b00b150Virustotal results 33.33%Stealc
2025-09-08NjtIeMV.exeexe cc869d2ed72af8be6289199d8ad8edb1898f58ab71289ebdd8f0aa8f963a7f44Virustotal results 51.39%Stealc