URLhaus Database

You are currently viewing the URLhaus database entry for http://222.130.139.27:8085/AV.scr which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2845985
URL:	http://222.130.139.27:8085/AV.scr
URL Status:	Offline
Host:	222.130.139.27
Date added:	2024-05-10 20:07:28 UTC
Last online:	2024-06-15 09:XX:XX UTC
Threat:	Malware download
Reporter:	NDA0E
Abuse complaint sent (?):	Yes (2024-05-10 20:08:10 UTC to zhaoyz3{at}chinaunicom[dot]cn)
Takedown time:	1 month, 5 days, 13 hours, 38 minutes (down since 2024-06-15 09:46:24 UTC)
Tags:	CoinMiner scr

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-06-14	n/a	exe	30e744b8a2e6216aa7399dcab7e5bfe8ab7389046077d200e98687e1a090a4d6	n/a	CoinMiner
2024-06-13	n/a	exe	3b93985811c4f405bda313c2445d16d845748160aa4f2f656488498dfa050dcf	n/a
2024-06-10	n/a	exe	9194b57673209c8534888f61b0cdefa34f463ae50cd78f72ab2b3348220baaf9	81.08%	CoinMiner
2024-06-09	n/a	exe	d20a311d17a5e9bc3f6843314321fcdd961cc117c79e5445235775adbbeff2ed	n/a	CoinMiner
2024-05-31	n/a	exe	74e57d84d41f6ae82889c24f99a6be481e5a38cfbcc621eed569ceeee938ee14	n/a	CoinMiner
2024-05-29	n/a	exe	b3a5dd85691684c542bf8ded4f9c6add9a8da700a4a906fa135cb0a6c106f132	n/a	CoinMiner
2024-05-29	n/a	exe	ebcdf536447cba219a13756c00c97b4ed5fea47f2cbf2283ea86e80216d3822e	75.00%	CoinMiner
2024-05-26	n/a	exe	57ddb74bc065c31d518113aabe30821062ec3eda78ef2f3a40bd0bd68e98369d	n/a	CoinMiner
2024-05-23	n/a	exe	92cc79b4201dd295230293ffa04cefd588f8e7928f084fe6bbbb6b7143d5c2a3	n/a	CoinMiner
2024-05-18	n/a	exe	f6d35f84d936ed150447c944f219e08ad1db57da95cbcf7539cdbc339f32576b	n/a	CoinMiner
2024-05-12	n/a	exe	af94ddf7c35b9d9f016a5a4b232b43e071d59c6beb1560ba76df20df7b49ca4c	79.45%	CoinMiner
2024-05-12	n/a	exe	43201854dde7eee07bd5e76e8743e55c87c921103fee69052f1dabb012a6d029	n/a	CoinMiner
2024-05-11	n/a	exe	3d248cf9f789e986720a5284371d6ad2d48acc349b77f1a8498b965479bc3034	n/a	CoinMiner
2024-05-10	n/a	exe	5d9fe2735d4399d98e6e6a792b1feb26d6f2d9a5d77944ecacb4b4837e5e5fca	77.78%	CoinMiner