URLhaus Database

You are currently viewing the URLhaus database entry for http://193.233.132.167/lend/USA123.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2774656
URL:	http://193.233.132.167/lend/USA123.exe
URL Status:	Offline
Host:	193.233.132.167
Date added:	2024-03-03 04:12:08 UTC
Last online:	2024-05-01 21:XX:XX UTC
Threat:	Malware download
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2024-03-03 04:13:05 UTC to abuse{at}sunhost[dot]ltd)
Takedown time:	1 month, 29 days, 16 hours, 59 minutes (down since 2024-05-01 21:12:42 UTC)
Tags:	32 exe

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-03-19	n/a	exe	b587d6578456dcaad666041274d15eba0d3d5773a1018540298cb16b6e2aef3c	n/a
2024-03-18	n/a	exe	0765cf8d9c00fcde462a409d97b9786f8abf6d61ac3f08d207a3a96476ac2100	n/a
2024-03-16	n/a	exe	9f9c85b10e12a1f433a0ad416abffc187d46498533e7586df707708bbbc2e796	n/a
2024-03-15	n/a	exe	aaa8da69f7ffc5566366bf73f75d991520f31b067860b9c3181ba2d1243d3823	n/a
2024-03-13	n/a	exe	4d28ee01fa87a9d05b8ad8046e7ee3aefd3db696408f150bc80a226420413fff	n/a
2024-03-03	n/a	exe	35b5f1ecbedb1bd24453420b7e34d743ea9af6cde269eaa20be9ef81775de6e2	56.94%	MillenuimRAT