URLhaus Database

You are currently viewing the URLhaus database entry for http://58.218.67.253:281/4.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1024494
URL:	http://58.218.67.253:281/4.exe
URL Status:	Offline
Host:	58.218.67.253
Date added:	2021-02-22 18:58:13 UTC
Last online:	2021-04-08 03:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2021-02-22 19:00:04 UTC to jsabuse{at}189[dot]cn)
Takedown time:	1 month, 14 days, 8 hours, 22 minutes (down since 2021-04-08 03:23:03 UTC)
Tags:	exe hfs opendir younglotus

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-03-08	4.exe	exe	a306388cc05d790f39fa6f9cfc688fa4b907038d82ea8086b6dda558a55f010a	n/a
2021-03-07	4.exe	exe	8da01fa3b9b7504e932a29dd19676796c6cc7b114dd8b19f17aee49d6f7f1ea6	n/a
2021-03-01	4.exe	exe	4288f372ac29a190f68919ad434f3bb2630ca2c7b242deb158652ea0b84e5936	n/a
2021-02-27	4.exe	exe	857369672b83a9ad4aedd0702f0fcc19df5bacf8f0b9fdd1662eb2ab59a9a05d	n/a
2021-02-25	4.exe	exe	6fe31e8a8d86457ee7bdaccd10505c9647980a89bac9859fc4489e0450a102bc	n/a
2021-02-24	4.exe	exe	cd61ce526c3cf535c4cd3e5d82547b847850f6ad791f7a66d52abc72f0925f63	n/a
2021-02-22	4.exe	exe	613a7aa7078212d20dab6f9c0d0e1d89274f190ae992c151cd292af87d9d7443	n/a	YoungLotus