URLhaus Database

You are currently viewing the URLhaus database entry for http://107.189.12.195/wget.sh which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1986520
URL:	http://107.189.12.195/wget.sh
URL Status:	Offline
Host:	107.189.12.195
Date added:	2022-01-18 14:09:04 UTC
Last online:	2022-02-09 06:XX:XX UTC
Threat:	Malware download
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2022-01-18 14:10:10 UTC to admin{at}frantech[dot]ca,fdias{at}frantech[dot]ca)
Takedown time:	21 days, 15 hours, 50 minutes (down since 2022-02-09 06:00:47 UTC)
Tags:	shellscript

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT
2022-02-09	n/a	unknown	cce0f1b57c07e61203ee1a6ef435c1a6cbbba26ef92a9867d79a286c0ed32409	n/a
2022-02-09	n/a	unknown	71fea9ad87e6d1b3bfd94dd7963c5b40b5af2695ea3620a65a00000e839b4046	n/a
2022-02-08	n/a	unknown	77ac5dae1c7f2f8f4f9fd672ad60a7074bc349795a79b4a3a79a445170f34c9c	n/a
2022-02-06	n/a	unknown	18af8753485d6fae12e9b13dcc42ff491a92acd77cb23c294307583d2bc73561	n/a
2022-01-27	n/a	unknown	0ac1fd536dfcc221822d9e72442101ca9ba6d1419562f13a880960713ab5fc8c	n/a
2022-01-27	n/a	unknown	b590bdb2861fca7d63518eef3fac0ea924bf8e409da29914b57dc649722dcfcb	n/a
2022-01-18	n/a	unknown	226121281d09352c2c2d2dd8f3cb7dbd81ca9c98d8faacbaa93d3c983f332276	44.83%