URLhaus Database

You are currently viewing the URLhaus database entry for http://171.22.28.221/files/Ads.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2721934
URL:	http://171.22.28.221/files/Ads.exe
URL Status:	Offline
Host:	171.22.28.221
Date added:	2023-10-18 09:36:05 UTC
Last online:	2023-11-06 06:XX:XX UTC
Threat:	Malware download
Reporter:	andretavare5
Abuse complaint sent (?):	Yes (2023-10-18 09:37:05 UTC to matrixllp{at}skiff[dot]com)
Takedown time:	18 days, 20 hours, 24 minutes (down since 2023-11-06 06:01:25 UTC)
Tags:	CoinMiner dropped-by-PrivateLoader GuLoader Smoke Loader Stealc Vidar

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-11-05	n/a	exe	1db0b59b7d436ea6160df9ca561543ea77cf6243fcf21a46282852d67421da7e	27.78%	Vidar
2023-11-03	n/a	exe	57dd76c7c512afbed21d7304a66fffd89cd904c39a47d459a49aec1f5f1d5235	19.44%	Smoke Loader
2023-11-02	n/a	exe	fc0648345e4be061ff4ec08d72c7210afa00a8ff3c490dd0e4f023474e87bef9	n/a	Stealc
2023-11-01	n/a	exe	c77aeea8df56c68cf64ac5486a0d5774a1bd8dc6f94e3fa8ae447ff78ec12ace	29.17%	GuLoader
2023-10-31	n/a	exe	d86b530f1dcf5d9ac1b107aee3085d7dec763b4bcbeddabc0d64451d2eacc9e0	n/a	Smoke Loader
2023-10-30	n/a	exe	81d8a95cc4f8b19d5f4d16defb6b3ffdc73bad55e0ab693fcd4ab9cbd5ec2007	n/a	Vidar
2023-10-29	n/a	exe	8defddf3ccf1ca34a7338088a7c98f08569532d0474a5221533b715364921f86	n/a	Vidar
2023-10-28	n/a	exe	c4d9a23f816da2a5aa705f929a5256d12561213db129569b428e7ac1fb06e281	23.61%	Vidar
2023-10-27	n/a	exe	fb46f514e4855f599b2ec64c446379333f40be5d2181a7397acd67223bd1bc4d	n/a	Vidar
2023-10-26	n/a	exe	71e7386e8129da10222a7af399561b240b0d9ae7507f87d9ee6d57b2dda57ef9	n/a	Smoke Loader
2023-10-25	n/a	exe	b2b1e6f6933698b6d0f71aad551767d7d2505a3e419ab9366a87351e054eee4d	n/a	CoinMiner
2023-10-24	n/a	exe	ab9a4f2751495094eb7f380d00c52e9a549eb8aaf2cc1c3280f5c3935ae57d08	n/a	CoinMiner
2023-10-23	n/a	exe	ed451ab9bc98df781e851bc59415edb980f7f74f940900d91cb710f22b37d27e	n/a	CoinMiner
2023-10-22	n/a	exe	e89d8af6209b99543fd2dcc8a37842d40e4d54ab8f52ce635665c432a152d8d6	n/a	Vidar
2023-10-21	n/a	exe	402118a1fe9e2e3c12ba4e931e9e3afeeb464e0bd5cf075e926062c7a7255d87	n/a	CoinMiner
2023-10-20	n/a	exe	85c7ebf244cb05f624baea0b1526c57ba3ecaa05583c27fe814217f9ffbf020c	2.78%	CoinMiner
2023-10-19	n/a	exe	5542b734aa51cdf40fc76764121cf18b17f57baa31467a8ece3d14677acc5645	22.22%	Vidar
2023-10-18	n/a	exe	b7980abb0fbb1e27c9dfd24f2d36891986e3325b2596fff09baa3904830eac0c	13.89%	Vidar