URLhaus Database

You are currently viewing the URLhaus database entry for http://194.38.20.199/pg2.sh, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 1046499
URL: http://194.38.20.199/pg2.sh
URL Status: Offline
Host: 194.38.20.199
Date added: 2021-03-04 10:23:03 UTC
Last online: 2021-11-30 11:XX:XX UTC
Threat: Malware download
Reporter: zbetcheckin
Abuse complaint sent: Yes (2021-03-04 10:24:07 UTC to vb{at}smartmedianetwork[dot]com[dot]ua)
Takedown time: 9 months, 1 day, 1 hour, 15 minutes, rated Bad (down since 2021-11-30 11:39:11 UTC)
Tags: shellscript

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

| First seen | Filename | File Type | Payload (SHA256) | VT | Bazaar | Signature |
| 2021-09-16 | n/a | unknown | 2cd30aa932dad0fd3b7d6725abc699af1968f2a72fb4153d5d872ef1f218455c | n/a | | |
| 2021-06-09 | n/a | unknown | d0d99ef9345f34b11e0cde620f8c01ec39e572e192c7970700a86dc5b24e0596 | n/a | | |
| 2021-06-08 | n/a | unknown | 2e5d701fb10516a7286f969c4e56242055b2d0276ac13d5419800bb2405eb59f | n/a | | |
| 2021-03-25 | n/a | unknown | 9cf022fe8e2a72ef3a7f06f783e3b3e9ed1b06911e9573fede954512f5ff0021 | n/a | | |
| 2021-03-13 | n/a | unknown | c3cf9347393ebd09b7cd5a549462a8cbe728a9e6d623e44fb764e8e4d51d0d05 | n/a | | |
| 2021-03-04 | n/a | unknown | 0e77291955664d2c25d5bfe617cec12a388e5389f82dee5ae4fd5c5d1f1bdefe | Virustotal results 31.67% | | |