URLhaus Database

You are currently viewing the URLhaus database entry for http://212.192.241.211/putty.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2271022
URL:	http://212.192.241.211/putty.exe
URL Status:	Offline
Host:	212.192.241.211
Date added:	2022-08-10 06:27:04 UTC
Last online:	2022-08-17 23:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2022-08-10 06:28:05 UTC to abuse{at}des[dot]capital,ip-reg{at}voldeta[dot]com)
Takedown time:	7 days, 17 hours, 21 minutes (down since 2022-08-17 23:49:10 UTC)
Tags:	bazaloader exe SnakeKeylogger

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-08-15	n/a	exe	f6e1828ca21c2a799b740920d1b8ebb8c65a2792b89832b86eb577f7e62ca54d	n/a	SnakeKeylogger
2022-08-15	n/a	exe	a06d8e909a4da939d257366967c9930276d702f645f67900a1dc53136b4dccb8	n/a
2022-08-14	n/a	exe	341cb4515476007153b7f17212f5e4476852837a031efedd5a4adea723c0bcbe	2.86%	BazaLoader
2022-08-10	n/a	exe	4d4310af285ba36f250f39445af8ce414b26e315510559c593edd7d4b0a7c00e	n/a
2022-08-10	n/a	exe	999077089b1cf34450d1b5aebcd29040131731b327e4d5545707a842ee041162	24.29%	SnakeKeylogger
2022-08-10	n/a	exe	0535c17342eaabc5ad9ef8ad282a103c78c9bf312de161e834766ba7af6eb7fe	25.35%	SnakeKeylogger