URLhaus Database

You are currently viewing the URLhaus database entry for http://greenpalace.top/brazi/testoviyjuki.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 401438
URL: http://greenpalace.top/brazi/testoviyjuki.exe
URL Status: Offline
Host: greenpalace.top
Date added: 2020-06-24 15:09:07 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Botnet C&C domain
SURBL: Blacklisted
Quad9: Blocked
AdGuard: Blocked
Reporter: @zbetcheckin
Abuse complaint sent: Yes (2020-06-24 15:10:04 UTC to abuse{at}selectel[dot]ru)
Takedown time: 6 days, 8 hours, 22 minutes Bad (down since 2020-06-30 23:32:23 UTC)
Tags: exe RedLineStealer

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
