URLhaus Database

You are currently viewing the URLhaus database entry for http://gferhrolklm.top/bestof/gfers.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 759003
URL: http://gferhrolklm.top/bestof/gfers.exe
URL Status: Offline
Host: gferhrolklm.top
Date added: 2020-10-28 02:36:04 UTC
Last online: 2020-11-04 08:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: zbetcheckin
Abuse complaint sent: Yes (2020-10-28 02:38:02 UTC to support-link[dot]ac{at}yandex[dot]com)
Takedown time: 7 days, 5 hours, 51 minutes (Bad; down since 2020-11-04 08:29:08 UTC)
Tags: exe RedLineStealer link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.
