URLhaus Database

You are currently viewing the URLhaus database entry for http://92.63.197.153/work/1.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry




ID:123664
URL: http://92.63.197.153/work/1.exe
URL Status:Offline
Host: 92.63.197.153
Date added:2019-02-13 17:17:02 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Unknown
SURBL:Not listed
Reporter:@de_aviation
Abuse complaint sent (?): Yes (2019-02-13 17:18:03 UTC to hvfopserver{at}protonmail[dot]com)
Takedown time:11 days, 3 hours, 28 minutes Bad
Tags:exe GandCrab link Gozi link

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2019-02-24n/aexe 234901adb1100979c1e842133901f0bb8617683efeed4e3d56245f71f71aa6b2n/a
2019-02-23n/aexe e9e23726b4a7451ba5eefc9ec90c1ea897046bde4ed13de419d9dace59f6dabcn/a
2019-02-22n/aexe b08dbdc4ac809442377a0d293e6c5f5cbfd382d50eef04944a5759d04ecf917an/aRansomware.GandCrab
2019-02-19n/aexe 9f67f9e92315321a2407d7fdb745841eade53b7c6871bddb6f33f93f195b1773n/aRansomware.GandCrab
2019-02-16n/aexe 6607553c67b14563abe81ba59784e5a47fd3bed3bef447cc1373a146558245b3n/a
2019-02-16n/aexe bb13e13ced7ed27d32eb517c9bbf5cd7bdf0bb42d0cd4e463dc4cb2852db5ee2n/aRansomware.GandCrab
2019-02-14n/aexe 812f5627bbfa5311fc96d5894cea16788c4f81d644729ebaea432a45d65ab8faVirustotal results 75.76%Ransomware.GandCrab
2019-02-14n/aexe aecfd7d0ce756eba121773cc5f39f27829ee533299c62d7636028558c0365c8bn/aRansomware.GandCrab
2019-02-14n/aexe 0e68739e68e4b3f82ecd633d32754344593a25bf47ce3b8f4d6c08f52a3531bdn/aGozi
2019-02-13n/aexe 1330d4f12332f76cf0535103c82603b5e2bb158da40dc71ba3a3b0912a86a230Virustotal results 18.84%