URLhaus Database

You are currently viewing the URLhaus database entry for http://185.157.160.147:4444/as.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1597417
URL:	http://185.157.160.147:4444/as.exe
URL Status:	Offline
Host:	185.157.160.147
Date added:	2021-09-06 17:08:06 UTC
Last online:	2021-09-09 22:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2021-09-06 17:09:02 UTC to abuse{at}ovpn[dot]com)
Takedown time:	3 days, 5 hours, 50 minutes (down since 2021-09-09 22:59:17 UTC)
Tags:	bitrat exe

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-09-09	n/a	exe	489d1c3ba6f81a39f2371560504268d8882d3b6210786becde11c2677277ceb9	33.82%	BitRAT
2021-09-08	n/a	exe	98a0f70e2b7b3f06f163558f02dc1b10cd7a06e289c86e2b5db3abdab72ee5bd	17.65%	BitRAT
2021-09-08	n/a	exe	c903da10b8241191defbb1eff45dea618f19270c72e1905e0748e75178de3a63	25.00%	BitRAT
2021-09-08	n/a	exe	ce894fb386c764c9421232b3fbce7901b5538cbc139a7bb175393f778ca2418f	34.33%	BitRAT
2021-09-07	n/a	exe	4420228e7fcc165d098da14380b8f81027d7a8b061828cafcfaf66b495821c98	25.00%	BitRAT
2021-09-06	n/a	exe	bad6b33604b6f731a8ec0918689f278d860e900d7fc37502691b7566c9d215de	14.71%	BitRAT