URLhaus Database

You are currently viewing the URLhaus database entry for http://77.91.78.166/s.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 2550629
URL: http://77.91.78.166/s.exe
URL Status: Offline
Host: 77.91.78.166
Date added: 2023-02-25 19:49:11 UTC
Last online: 2023-03-01 06:XX:XX UTC
Threat: Malware download
Reporter: zbetcheckin
Abuse complaint sent: Yes (2023-02-25 19:50:08 UTC to abuse{at}aeza[dot]net)
Takedown time: 3 days, 10 hours, 44 minutes, Bad (down since 2023-03-01 06:34:50 UTC)
Tags: 32, Amadey, CoinMiner, CoinMiner.XMRig, exe, Phonk, RedLineStealer, Smoke Loader

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
