URLhaus Database

You are currently viewing the URLhaus database entry for http://185.212.130.94/download/build.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	959714
URL:	http://185.212.130.94/download/build.exe
URL Status:	Offline
Host:	185.212.130.94
Date added:	2021-01-14 04:22:03 UTC
Last online:	2021-01-15 15:XX:XX UTC
Threat:	Malware download
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2021-01-14 04:24:02 UTC to support-link[dot]ac{at}yandex[dot]com)
Takedown time:	1 day, 10 hours, 40 minutes (down since 2021-01-15 15:04:16 UTC)
Tags:	exe RedLineStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-01-15	n/a	exe	13e47f17dd6d83e44f9dedb7170f9f3aaedc3497a8ac97025962787f3f922155	n/a	RedLineStealer
2021-01-15	n/a	exe	038616b5db5a3c68ccfb202a79c7b48ffc9a65eba5d5c4886a0c56fa3ef637ed	n/a	RedLineStealer
2021-01-15	n/a	exe	2c01c4443eb37f42dea586897788eafbef78bcd1279f17c729584075e32ed5ff	n/a	RedLineStealer
2021-01-15	n/a	exe	898c957d6bc0417994827db79ca2c264ee100f0ccf54cafdbf18b4e9c9559c0b	n/a	RedLineStealer
2021-01-15	n/a	exe	db2d641b1a96b0b1dbaa96ea47d36d8cfe14aea247eac1283fd3bebbf81fbb3b	n/a	RedLineStealer
2021-01-15	n/a	exe	b62455332629537d0000e5b3fd06b557e12a9a4eb0b3019a3a9c3fec52377269	n/a	RedLineStealer
2021-01-15	n/a	exe	7eae7a527dfb3906b7248135fe8257a45cc9c3042c7b83a443dab71037afeb61	n/a	RedLineStealer
2021-01-14	n/a	exe	39082e2e7b0a973be062cede767afe3861d570962c23d589d03dde43553b8900	n/a	RedLineStealer
2021-01-14	n/a	exe	b2150830c4f7af2133d1ce2c9279ae3021b49b610011ef546662ff18a7a15770	n/a	RedLineStealer
2021-01-14	n/a	exe	d4a4064f832fb856101831e663b4aaf0e0c6b19550c0f002830849cd9f1151b7	n/a	RedLineStealer
2021-01-14	n/a	exe	bc9ef9e6bb5655055b0078d9985d1556b3c88ed8d180446e3dae8cfc9614b423	n/a	RedLineStealer
2021-01-14	n/a	exe	3e0c5df082e1d3349a0578479117c25ede69746306031eb0005bd9526706952d	n/a	RedLineStealer
2021-01-14	n/a	exe	c28b4becc94a0cf4182fd2ae9ef906d92769a0dbc8b0e9bd37605490deaa40b0	n/a	RedLineStealer
2021-01-14	n/a	exe	76b344ae7012a001747a0db9d0a72aa17d4af6b732263ec7674550b778916a88	n/a	RedLineStealer
2021-01-14	n/a	exe	b721b7bd732b96647e8603f5beaa7bd1a0ab6f861f525eeaae3927a367d4231e	n/a	RedLineStealer
2021-01-14	n/a	exe	cecd98d6dda67e9a447f9d59666feb8be4259e9c40cc49c29a2af94504145b54	n/a	RedLineStealer
2021-01-14	n/a	exe	cfbdc8b5ae94b960fe50baf1fb78e5a9e5442b2cdb06bbc8233aefd3208fc663	25.00%	RedLineStealer