URLhaus Database

You are currently viewing the URLhaus database entry for http://62.204.41.248/is/zhiga.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 2529849
URL: http://62.204.41.248/is/zhiga.exe
URL Status: Offline
Host: 62.204.41.248
Date added: 2023-02-04 06:58:10 UTC
Last online: 2023-02-07 12:XX:XX UTC
Threat: Malware download
Reporter: andretavare5
Abuse complaint sent: Yes (2023-02-04 06:59:06 UTC to abuse{at}gorizontllc[dot]ru)
Takedown time: 3 days, 5 hours, 59 minutes; Bad (down since 2023-02-07 12:58:37 UTC)
Tags: Amadey drop-by-malware PrivateLoader RedLineStealer link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.
