URLhaus Database

You are currently viewing the URLhaus database entry for http://91.103.252.189/Update_controller.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2710939
URL: http://91.103.252.189/Update_controller.exe
URL Status:Offline
Host: 91.103.252.189
Date added:2023-09-10 05:42:05 UTC
Last online:2023-09-20 21:XX:XX UTC
Threat:Malware download Malware download
Reporter: zbetcheckin
Abuse complaint sent (?): Yes (2023-09-10 05:43:05 UTC to support{at}zerohost[dot]network)
Takedown time:10 days, 15 hours, 39 minutes Bad (down since 2023-09-20 21:22:46 UTC)
Tags:32 exe frp

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-09-18n/aexe db72b1c64043decbdbb082e4ada7630ee51d57d08ed2c01127a2d915a8884194n/a Ransomware.KnightCrypt
2023-09-16n/aexe e18a08afe9265400c674a3f913fed22493c1bd8d7b4b68f85dfe577f690342f6n/a frp
2023-09-16n/aexe 6cee96f154f707be4834ce78caefccb007f9b14e974459d737217f9bb45cc2f3n/a 
2023-09-15n/aexe ba195573fd36335a022dace93747733e90a2d7558a4aec25b0b04d1129e37650n/a 
2023-09-15n/aexe c35cfe303fe72c85dd235c4e42d3506e41e3e599c6351957ec77edc3481bb2ddn/a 
2023-09-15n/aexe 47f4d6277daa7b41d5733483191c6aa66734cef1ac30cc751a37b3bf0d75eaf7n/a 
2023-09-15n/aexe d061f88342ec0fb9a73d5ea8832f9c2782ecfdef3499884f5a515983dcf4a258n/a 
2023-09-13n/aexe 53df878075f1d49acaac9cb620bcac6542020c5015b1473ef4d349aabe58dd06n/a 
2023-09-10n/aexe 56adaaf0de157fa8b026b07494393bffd8673c044cedc997e14bdc9d6412a16en/a
2023-09-10n/aexe c27968c70424a38c6f692921062abcdd71714ad0ab1e6a16abaf28fc44602253Virustotal results 18.57%