URLhaus Database

You are currently viewing the URLhaus database entry for http://paperships.top/bestof/gfers.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	998432
URL:	http://paperships.top/bestof/gfers.exe
URL Status:	Offline
Host:	paperships.top
Date added:	2021-02-10 07:38:05 UTC
Last online:	2021-02-26 22:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2021-02-10 07:40:06 UTC to ost{at}sbcloud[dot]ru)
Takedown time:	16 days, 14 hours, 36 minutes (down since 2021-02-26 22:16:53 UTC)
Tags:	exe RedLineStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-02-26	n/a	exe	c5d0e2036267482dcbf360b0f2be1dba1ac73bf7f1c8512a4816fc6e607bf485	n/a	RedLineStealer
2021-02-25	n/a	exe	3a77d697b35b9de741ac611c904aca942a17d4ac8f786f4f9b9532dec277a8f6	n/a	RedLineStealer
2021-02-23	n/a	exe	4ef2301fc3da6b681932cd7a7d32fa6a86800651976a1b9a847864a65f6234f8	n/a	RedLineStealer
2021-02-22	n/a	exe	676593610aafb444bd3b06028cbe14c0f1bb08d621da061609436d0afbe536fb	n/a	RedLineStealer
2021-02-22	n/a	exe	6fc478619e492f7c687bdff2235a57206f867c0601e22301480202a9c0ceb16b	46.38%	RedLineStealer
2021-02-19	n/a	exe	3de9238c143c51c930d09f9b28182a9f9208eb8db6245c7fc16fce67b13f34fc	n/a	RedLineStealer
2021-02-19	n/a	exe	19890d123eb7e4f772159aeb1c68a42785a5bcb2a25da044c21656fb83b4d530	n/a	RedLineStealer
2021-02-19	n/a	exe	fa8288121fc03ad692564b12fa8483fe51f4086910d748db2be43eebb6a67de2	n/a	RedLineStealer
2021-02-18	n/a	exe	0e09d3298aae4a2a440ae32321a8f6db607e9cb072156b17eb8fb12b212c1cf6	n/a	RedLineStealer
2021-02-17	n/a	exe	ddd810853f9fa4626060db340eaf5c38b614b81be0dc05f92c0f5356431bc9c5	n/a	RedLineStealer
2021-02-16	n/a	exe	1cc5cd7cbf758f41dedcf4f9accd9af082d547437644a1e8afb2195698c34dde	n/a	RedLineStealer
2021-02-14	n/a	exe	e99ab798099b3c352427b7808b0a2c7e73854aaeb34001f17852e288af321f6c	n/a	RedLineStealer
2021-02-13	n/a	exe	59c716406e823c0c18ee285114413fb69babf813725be46e6bafa5fdf4cfbcf3	n/a	RedLineStealer
2021-02-12	n/a	exe	1ad35ecffd662312ffa048ae8b85344267ebdd6d5c3be375c99b84c57d3ef117	n/a	RedLineStealer
2021-02-11	n/a	exe	808be962b671de3c658a363c3ca14ea5181d3669f0a23f0263a175e9416daab5	n/a	RedLineStealer
2021-02-10	n/a	exe	b6255ccb6a0c4843452827ec54f6f041a3285f3042668d1ba4f7593f733d420f	n/a	RedLineStealer
2021-02-10	n/a	exe	e0e1df2e713258532e08c09458ad6f5e50163b1e7c9c1f1446f0023c4e479bef	n/a	RedLineStealer