URLhaus Database

You are currently viewing the URLhaus database entry for http://130.12.180.43/files/5900855435/eNLe4nm.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3748719
URL: http://130.12.180.43/files/5900855435/eNLe4nm.exe
URL Status:flame Online (spreading malware for 1 month, 29 days, 16 hours, 57 minutes)
Host: 130.12.180.43
Date added:2026-01-01 19:51:07 UTC
Threat:Malware download Malware download
Reporter: c2hunter
Abuse complaint sent (?): Yes (2026-01-01 19:52:12 UTC to abuse{at}virtualine[dot]org)
Tags:c2-monitor-auto dropped-by-amadey Vidar link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2026-02-28eNLe4nm.exeexe 5ac53e312732078514a827b41e1b2cbc6e7161970f9d9ad91f382eede969ac39n/a Vidar
2026-02-23eNLe4nm.exeexe 42d627f41930ad606097033377b865e008adc35d4751150ad935b4ea3dcd4622n/a Vidar
2026-02-14eNLe4nm.exeexe b43bbdf8cd383959ab62a587f80ca301e66af67c9673eda6ff901e35bf2afe34n/a Vidar
2026-02-08eNLe4nm.exeexe 83fa304e1ddbf3e235cc5124cd5bb8b6efd6e0edf8ecf18da2467150464e3bf8n/a Vidar
2026-02-06eNLe4nm.exeexe aff9e8042ec3a72576b6023c2e732e62b117bb4f785ecbc413c99e47ccfbdff0n/a Vidar
2026-01-31eNLe4nm.exeexe 20bdd8cd7493353efe6e8c94782b0315b68de4d7846ee4ec96cfc4706b4ef1adn/aVidar
2026-01-27eNLe4nm.exeexe 8be3fa2d29d4a3f3a34b634d6f1d871b9f46604caff0270652cd90e223a45655n/aVidar
2026-01-18eNLe4nm.exeexe 48bac0e8acb3f7e286e49ce959183f44d2dfcad16816709aea0c4cfed6bed27en/a Vidar
2026-01-04eNLe4nm.exeexe 22e34c1d5f917d3b636572c5c597fb2ffa4a572b301f1910855c9a83dbccc8c5n/a Vidar
2026-01-01eNLe4nm.exeexe c06486083452957875c92062a1dcc3061fe2e89d56c1dcd2dafc6837c27c520cn/aVidar