URLhaus Database

You are currently viewing the URLhaus database entry for http://107.172.206.118/32/upx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2350100
URL: http://107.172.206.118/32/upx.exe
URL Status:Offline
Host: 107.172.206.118
Date added:2022-10-04 10:59:05 UTC
Last online:2022-10-08 18:XX:XX UTC
Threat:Malware download Malware download
Reporter: abuse_ch
Abuse complaint sent (?): Yes (2022-10-04 11:00:14 UTC to abuse{at}colocrossing[dot]com)
Takedown time:4 days, 7 hours, 46 minutes Bad (down since 2022-10-08 18:47:02 UTC)
Tags:exe SnakeKeylogger link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-10-06n/aexe 2afad9ad588a3219b1b36b0096ff4a8db8d70082fd09a612dc6f5935e46f0d4bVirustotal results 25.35%SnakeKeylogger
2022-10-06n/aexe 521e9db681ade0e368a3e99d735333c0d18df6087aa1f2fe6984c84ce1e4a1d8Virustotal results 27.78%SnakeKeylogger
2022-10-05n/aexe a3465cca56d61a376078e6ac2d7466fae46bf7d073b9145b768f77ff33a3da0dn/aSnakeKeylogger
2022-10-05n/aexe 576aa02b24864b2430af14fbbb6958ff3689b783b7e91012ccb247af6c4a29f2n/aSnakeKeylogger
2022-10-05n/aexe b20966a8bb27e4b3c2d3fbfb25b4b9336493157fad3fd67ebc1580b97f88f857n/aSnakeKeylogger
2022-10-04n/aexe 5d1a1b0b133b338b8086f64e52e4efc7174f119a95a9cd11cb95c9370ba0d459n/aSnakeKeylogger