URLhaus Database

You are currently viewing the URLhaus database entry for https://vantarat.st/rem which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3850559
URL: https://vantarat.st/rem
URL Status:Offline
Host: vantarat.st
Date added:2026-05-20 15:40:22 UTC
Last online:2026-05-21 15:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Malware domain
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Blocked
DNS4EU :Not blocked
Reporter: burger
Abuse complaint sent (?): Yes (2026-05-20 15:41:34 UTC to abuse{at}ddos-guard[dot]net)
Takedown time:23 hours, 53 minutes Good (down since 2026-05-21 15:34:34 UTC)
Tags:exe VantaRAT

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2026-05-21WindowsRuntime.exeexe ef33227b2ebdeea57dd3e8fba14e56e5b06dfd226d3c051f469b4755965d5fc6n/a 
2026-05-21WindowsRuntime.exeexe 352e6ef878988c4a1ce539a5f649613143604ad66714ca147740ca17c1c8e1ecn/a 
2026-05-21WindowsRuntime.exeexe 5d5b5bc62e4b1d03b9ed12f2e3621b761cd41f30b3067bbd66c06502060e7874n/a 
2026-05-20WindowsRuntime.exeexe dd4d872db6fd57feb724609e540781571cba90ae7c3944cb8d2260433f9e8f2en/a 
2026-05-20WindowsRuntime.exeexe a8a512c2482e3fab8656feb1f0abc6c534cb61b3d2b2048a7e7e3c14a00644b8n/a