URLhaus Database

You are currently viewing the URLhaus database entry for http://107.173.191.77/draft/winlogon.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2158313
URL: http://107.173.191.77/draft/winlogon.exe
URL Status:Offline
Host: 107.173.191.77
Date added:2022-04-21 08:31:04 UTC
Last online:2022-05-12 14:XX:XX UTC
Threat:Malware download Malware download
Reporter: abuse_ch
Abuse complaint sent (?): Yes (2022-04-21 08:32:09 UTC to chris{at}mohawk-host[dot]com)
Takedown time:21 days, 6 hours, 14 minutes Bad (down since 2022-05-12 14:47:08 UTC)
Tags:exe Formbook link opendir

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-05-03n/aexe 36ed62fb5d255a7847a154e2f3fcd8aff5f39675a653a13667d48c59c0aeb2een/a 
2022-05-02n/aexe ac7961170a9fe0e160128385adfc20e8c770244ef7aa4de192f34ec0d6aa5f56n/aFormbook
2022-05-02n/aexe 9151e41a5b23b54f975ba83300f5390141a80a3f22dfc344028a7f253609d095n/a 
2022-05-02n/aexe 951e9298cd5a412885d910e11c0e791fec94f0e94a60f4d347d1747917c6eed9n/aFormbook
2022-05-02n/aexe f68f8578cd443c77670f46bc7ba4b3d95429862fbf8c86d6e4b0fd306c3db68an/aFormbook
2022-05-01n/aexe 032dfad6230e8c5eb84d6225d3766cc849ae5b920fb62b2f24cb33896d94d465n/aFormbook
2022-04-28n/aexe 8cfbf18a6d4b171e8bec81b40716b9214e4aec1246319dff997363dc67432a4en/aFormbook
2022-04-28n/aexe 371433b2090ff085504e89bb6b6a12d2e7603c5797c5d59771580870c20eb434n/a 
2022-04-28n/aexe d002cf3acecf1baf3193468b3a7ab3324c4e1f58452a24736e9aa9d8b82b474fn/a 
2022-04-28n/aexe 0785f8a1c3f385a44eae5e41e5c34e93200c43c68f96e96d253b4e4389e50996n/a 
2022-04-28n/aexe 675b81e7f9f0e3e3890de0cd51dd0577fe0dd119feeddca1059813839b326d91n/a 
2022-04-26n/aexe d5c2aa961338a641683ae090a72c5553775fe136c21a1bc5ba175cd7bcbb5995n/a 
2022-04-23n/aexe 9afa5a53a2f68b1eb6dcc22a14b1b23e03b02da4a5501d7e7cbcb0a4d694f55dVirustotal results 55.07%Formbook
2022-04-21n/aexe 68bdffe460b6b63619a94c667eed5e81ec779aa96edc78ecfdc7bd232ff37e98n/aFormbook