URLhaus Database

You are currently viewing the URLhaus database entry for http://45.9.74.80/2701.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2565187
URL:	http://45.9.74.80/2701.exe
URL Status:	Offline
Host:	45.9.74.80
Date added:	2023-03-10 12:09:04 UTC
Last online:	2023-03-26 20:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2023-03-10 12:10:09 UTC to abuse{at}lethost[dot]co)
Takedown time:	16 days, 7 hours, 55 minutes (down since 2023-03-26 20:05:39 UTC)
Tags:	Amadey exe

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-03-21	n/a	exe	8bee3d713fc207a8ca82e8eaf85396b55fcd29fe9214a83ce9399fa48ac4bd4b	60.29%	Amadey
2023-03-19	n/a	exe	033bbc64f889777be17fa5bc28439d1ee79c94a611a58853790eb865c7d87d54	n/a	Amadey
2023-03-16	n/a	exe	d3e1e0659ff9d7843f91e722d6e94cff0cbf891ab115b7dc23bde7c52a9ead09	62.32%	ManusCrypt
2023-03-14	n/a	exe	18ab77b46f43847e5544dca47ad24c7a241d3ddf20f9a4ed5f663c477a1420e7	62.32%	Amadey
2023-03-10	n/a	exe	0c802565c73fd2fd624ecab818162f8873935308ebc95f3b17fa74a6c582db12	57.97%	Amadey
2023-03-10	n/a	exe	ad716b9b395d65dca7a31117215c2adedf392162eab7beee500f8061db4785c0	66.67%	ManusCrypt