URLhaus Database

You are currently viewing the URLhaus database entry for http://195.20.16.153/xmrig.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2736779
URL: http://195.20.16.153/xmrig.exe
URL Status: Offline
Host: 195.20.16.153
Date added: 2023-12-02 16:55:10 UTC
Last online: 2024-05-04 20:XX:XX UTC
Threat: Malware download
Reporter: abuse_ch
Abuse complaint sent: Yes (2023-12-02 16:56:05 UTC to support{at}zerohost[dot]network)
Takedown time: 5 months, 4 days, 3 hours, 21 minutes (rated Bad; down since 2024-05-04 20:17:41 UTC)
Tags: CoinMiner

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
