URLhaus Database

You are currently viewing the URLhaus database entry for http://92.63.197.48/m/mb.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry




ID:101320
URL: http://92.63.197.48/m/mb.exe
URL Status:Offline
Host: 92.63.197.48
Date added:2019-01-04 05:55:06 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Reporter:@de_aviation
Abuse complaint sent (?): Yes (2019-01-04 05:56:09 UTC to hvfopserver{at}protonmail[dot]com)
Takedown time:1 day, 10 hours, 16 minutes Poor (down since 2019-01-05 16:12:09 UTC)
Tags:exe GandCrab link Ransomware Ransomware.GandCrab link

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2019-01-05n/aexe c3dd0fa37af321000cef9b6654bbd766834540d3e0835e6fbd7e82e8e299f17bn/a
2019-01-04n/aexe bce4c97daa3ae1c1702046b2f8d7952ab076da8b6c9544331b08e76de21c005dVirustotal results 7.35%
2019-01-04n/aexe ea30492f29da6ea83bcf9ca3e4fee0eac51705b4eb40d62334c53441b537091cVirustotal results 27.14%Ransomware.GandCrab
2019-01-04n/aexe 5154a51f2940554b9e3b3031193b50003fd7ef9ad050cefb553463e6cdaa6560Virustotal results 48.57%Ransomware.GandCrab