URLhaus Database

You are currently viewing the URLhaus database entry for http://5.181.80.126/shells which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2750577
URL:	http://5.181.80.126/shells
URL Status:	Offline
Host:	5.181.80.126
Date added:	2024-01-23 00:32:04 UTC
Last online:	2024-02-04 13:XX:XX UTC
Threat:	Malware download
Reporter:	geenensp
Abuse complaint sent (?):	Yes (2024-01-23 00:33:06 UTC to noc{at}4vendeta[dot]com)
Takedown time:	12 days, 12 hours, 32 minutes (down since 2024-02-04 13:05:48 UTC)
Tags:	script

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2024-01-29	n/a	unknown	5071cc116c5c68ec78a8a894ef3999e60b2fbba75fef9ccbc64e9949cd4f1147	n/a
2024-01-29	n/a	unknown	b0625afc0deb1fe88781e7f2b350d78801d07c3d0ec5ff970cc0266dc2b1a65a	n/a
2024-01-29	n/a	unknown	835cf8e02935701549f532f43a1660bd8e1953d8599a375b5aa9a6c6925a3659	n/a
2024-01-28	n/a	unknown	b2d1c18c6e8a53a6a13b1d99fd37ff427d1079620527c55b876fdbd13ea76728	n/a
2024-01-28	n/a	unknown	6a09e8ca62fb93a06ce2176efb19438768920b9f86325e8d4cc002519af5c109	n/a
2024-01-27	n/a	unknown	337f44acf522a6aa29de5bc5bc6d3393cae0e5e1131fdce8a612e4f02cace4e3	n/a
2024-01-27	n/a	unknown	beeb34daf029425341e5c663a2e49d95c0d801f99a12fd69b43339283ef6c675	n/a
2024-01-27	n/a	unknown	cf65e5addb8a7889245a0a3061605ae8ca0e29276a2cfab58b1b261bd358f823	n/a
2024-01-24	n/a	unknown	128b3286c4bbd6d6a249b37684a30212b0da853106442b7e80221c92848fc08b	n/a
2024-01-24	n/a	unknown	f9adacf58253a66da2db7da679cc85a51ac87c76c930e57a75cab887605dda57	n/a
2024-01-23	n/a	unknown	037cdfe0d5310c8412c284de9aa2af488d956051471ca4b9312f100d72cddf60	n/a
2024-01-23	n/a	unknown	9fd57eda9b4e0539fe6f34fc7ab36d9d118d967f898aa6711c9e8788cd108de8	12.28%