URLhaus Database

You are currently viewing the URLhaus database entry for http://92.63.197.59/22.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	192274
URL:	http://92.63.197.59/22.exe
URL Status:	Offline
Host:	92.63.197.59
Date added:	2019-05-07 10:57:26 UTC
Last online:	2019-09-03 16:XX:XX UTC
Threat:	Malware download
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2019-05-07 10:58:05 UTC to hvfopserver{at}protonmail[dot]com)
Takedown time:	3 months, 29 days, 5 hours, 8 minutes (down since 2019-09-03 16:06:40 UTC)
Tags:	exe

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2019-08-29	n/a	exe	d12100599ef8bf6d65b49159a00713e7e147d19d387af087e7313fa3a5ef473b	17.91%
2019-08-28	n/a	exe	eee23a8f3e0b0cb2929057cb468f17297c7b46b1fc5c357e17b56ee6a605121b	62.86%	Phorpiex
2019-07-18	n/a	exe	cfa7edc52cb8289ea0822520adf2c116c879c522af81a8aea35e9421a9019535	34.85%
2019-07-17	n/a	exe	64d187bed40d023e14d41b1a80d528f5c12dcf743fcb4de91530567d3244e09e	18.18%
2019-05-09	n/a	exe	73cdc3d11c8cf27e3f5b464fb78664fb9f7231010636a986842fa330ba683d96	n/a
2019-05-07	n/a	exe	db5b05941189e2ffdc78d9040e4d70a9b5bc4d70a77fdc35e6ba7b6675eaa48c	n/a
2019-05-07	n/a	exe	687d3e649b6ba09bc072fcb69ef751b729983dcdbecfb4da7f0d8b2c509c196b	31.94%