URLhaus Database

You are currently viewing the URLhaus database entry for http://77.91.68.3/fuza/gusan.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2709458
URL:	http://77.91.68.3/fuza/gusan.exe
URL Status:	Offline
Host:	77.91.68.3
Date added:	2023-09-04 07:40:08 UTC
Last online:	2023-09-05 21:XX:XX UTC
Threat:	Malware download
Reporter:	Casperinous
Abuse complaint sent (?):	Yes (2023-09-04 07:41:06 UTC to abuse{at}yeezyhost[dot]net)
Takedown time:	1 day, 13 hours, 29 minutes (down since 2023-09-05 21:10:16 UTC)
Tags:	dropped-by-SmokeLoader

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT
2023-09-04	n/a	exe	d21d1a22fae807687828f71f86a5b5c1efe7fac2f0d7db69faf4b7b963753785	40.91%
2023-09-04	n/a	exe	89abc14445a61a815bd5cd3c2e7e8971b6e4a51d00b3b861f2c0ca9bdd785ccb	40.32%
2023-09-04	n/a	exe	af680e8343ebc374210f71af4dd678a228b2b0d2bc875dc8f54e9730a490324d	41.54%
2023-09-04	n/a	exe	ffe12dbc406ff3b0be1a51a75b228338b217cd49c91190f74392c994fa510761	40.30%
2023-09-04	n/a	exe	acc08b39d5def5850a8a8a97914220d4747abb930eeb22658c963ace834a88fe	37.88%
2023-09-04	n/a	exe	3becfc1f1dee355d1c3bef09c09c5290e6d444c2601b397afc880e8789465ce4	38.81%
2023-09-04	n/a	exe	c0ca3b7b303eb521724a9304137fc6a0c4b41b1f0af8c42da41275f17a880114	n/a