URLhaus Database

You are currently viewing the URLhaus database entry for http://45.83.122.242/css/avicap32.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2350834
URL:	http://45.83.122.242/css/avicap32.exe
URL Status:	Offline
Host:	45.83.122.242
Date added:	2022-10-05 10:19:06 UTC
Last online:	2022-10-08 21:XX:XX UTC
Threat:	Malware download
Reporter:	vxvault
Abuse complaint sent (?):	Yes (2022-10-05 10:20:13 UTC to abuse[dot]itweb{at}yahoo[dot]com)
Takedown time:	3 days, 10 hours, 58 minutes (down since 2022-10-08 21:18:21 UTC)
Tags:	DarkTortilla exe

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-10-08	n/a	exe	dbcee8a639b1a627378deddf43ad27b78c86b4f74ca848bf880e17328797e882	n/a
2022-10-07	n/a	exe	729c7829cb055679d29b496693a55814c1a493c7c4a68ab7c121ee5e4745c430	n/a	DarkTortilla
2022-10-06	n/a	exe	1b301ece76f0b0c19c780ea91d23a4e5bb60d77c4356ce840824c0ebee11dd42	n/a
2022-10-05	n/a	exe	a4c7425d4048848b51c036ee99ed5c755b0c914e7a0d5e850179e29279b54bc6	n/a	AllcomeClipper
2022-10-05	n/a	exe	e4c58ca4fe487845e33f4976a92f5d1cab56f3ccfad3aaaeba9ad036dea592fb	23.61%	AllcomeClipper
2022-10-05	n/a	exe	37611974a3ee8ab0a2a0849f4421ed44e3b51ee3fb7a24e12111340c9ec15402	51.39%	AllcomeClipper