URLhaus Database

You are currently viewing the URLhaus database entry for http://185.225.74.144/files/Umm2.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2715393
URL:	http://185.225.74.144/files/Umm2.exe
URL Status:	Offline
Host:	185.225.74.144
Date added:	2023-10-01 03:52:06 UTC
Last online:	2023-10-16 13:XX:XX UTC
Threat:	Malware download
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2023-10-01 03:53:04 UTC to abuse{at}des[dot]capital,abuse{at}serverion[dot]com)
Takedown time:	15 days, 9 hours, 10 minutes (down since 2023-10-16 13:03:18 UTC)
Tags:	32 Amadey CoinMiner exe fabookie glupteba Smoke Loader Vidar

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-10-16	n/a	exe	5480033f4f26e1c4c664b35133c406aed16c80be942a475ca53b723800cad6ae	19.72%	CoinMiner
2023-10-16	n/a	exe	e08cf5870ce7c020103b4ebcd9afa9f07f2b2ec4214f8a743530cba20b4dfe75	n/a
2023-10-15	n/a	exe	2d22cc60481e1f25e5bf703cf6d8bd1d4c386036e595e6ada518eea110036332	40.85%	Vidar
2023-10-14	n/a	exe	a8fa0f3fc329d7dc807d49af679fcfea9d573bf965482632b34a0b730a87a4f7	n/a	Glupteba
2023-10-13	n/a	exe	28e6b17dbc94ab578deb129913c5d938f1b4ef81ba9484009efa13be60c957a5	n/a	CoinMiner
2023-10-12	n/a	exe	05cfbd3f4626785c405c2d7a44df767252781b6b3ff77f0dc28606f48588bc81	12.68%	CoinMiner
2023-10-11	n/a	exe	71e9af5f139c8743a53390345e7f19199b17892955f0d4607340d7b651ac869d	20.83%	Vidar
2023-10-10	n/a	exe	fc05a007f7b6a6e4a69f15f1a31822957f3aae14a81e01e7c6eb9ceac0835a3b	n/a	Amadey
2023-10-09	n/a	exe	c32c371a2c98f101953ef8ef358c050908a05b1f0e228259d4115931ee21d8b1	n/a	CoinMiner
2023-10-08	n/a	exe	f24d2e4001bfb78adf27b9dd028cdedc0e81ca00d1093521d374a2ea4b36e978	15.28%
2023-10-07	n/a	exe	62a510237e5fa4597e618e752512cba0651aeb8e7a5f29f71aa6f573a8aa5db8	8.33%	Glupteba
2023-10-06	n/a	exe	9036c5bc41459a874c258bb01b4e65049e77a03d0d341a89489abafe2419123c	15.28%	CoinMiner
2023-10-05	n/a	exe	7cd7bf6e8ec89fecb6efbad8f40556bd1e2433b58864cec67c216bbd0bacee74	18.31%	Fabookie
2023-10-04	n/a	exe	8765a0a92fa60c2a4d21ca073dcf805f320c2e3d07703b97638b38888fe25d23	n/a	Adware.DigitalPulse
2023-10-03	n/a	exe	831fc1d8df2be45780ee06e59dabb36b787c3f26f544b67688cfa91c10f5dbbf	26.39%	Smoke Loader
2023-10-02	n/a	exe	daf969ecb631e937d67df09267ac5f9bfcd533b0d5c5ddabc1a7f6148d560c95	22.22%	Amadey
2023-10-02	n/a	exe	0b67dfb73a9ef15956bc9e471c3376491967ec2bb5ebe70e5ef3ec52d24c210c	n/a	Smoke Loader
2023-10-02	n/a	exe	64f63c70e1facb137a1363aec04b2029a56f1552c721f9667156e7371adf8427	18.06%	Smoke Loader
2023-10-01	n/a	exe	48211eb921a38d79ff547aae7fadcb18ca266bb69349de67c2c0bb3ab64bb5dd	15.28%	Smoke Loader