URLhaus Database

You are currently viewing the URLhaus database entry for http://172.245.27.36/julz/wong.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1791809
URL:	http://172.245.27.36/julz/wong.exe
URL Status:	Offline
Host:	172.245.27.36
Date added:	2021-11-16 07:26:05 UTC
Last online:	2021-11-26 08:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2021-11-16 07:27:06 UTC to abuse{at}colocrossing[dot]com)
Takedown time:	10 days, 1 hours, 8 minutes (down since 2021-11-26 08:35:40 UTC)
Tags:	exe Loki opendir

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-11-25	n/a	exe	b1db4e27fe573cc95fbc88f19430b4fd6576da22ee17ede44fb85def9e078421	n/a	Loki
2021-11-25	n/a	exe	54cf72136a00fea8d7133de8763a82bdd5b31cddf1b285c727fd136c5bb38c52	n/a	Loki
2021-11-19	n/a	exe	07dfb5f2d54d7532eca86707fa42b5da3cd3161c0d4e83c09c37dfff4a65da8b	n/a	Loki
2021-11-19	n/a	exe	9d45764f320d620b76c528b09d50ced3b5149dbbbb37e2059a4c661ec0998a21	n/a	Loki
2021-11-19	n/a	exe	7956fe6ab3efb78855e1bb53565c7a238fc6a73e97471254a820df0f4b0a5096	n/a	Loki
2021-11-16	n/a	exe	cdc34c14ac8a1091ac4e2499d4dc18ca0d3412e69bf7b9bf9d85eceec0ecfc9d	n/a	Loki