URLhaus Database

You are currently viewing the URLhaus database entry for http://111.231.145.137:8888/supershell/compile/download/3.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3086395
URL:	http://111.231.145.137:8888/supershell/compile/download/3.exe
URL Status:	Offline
Host:	111.231.145.137
Date added:	2024-08-03 08:26:30 UTC
Last online:	2025-07-31 11:XX:XX UTC
Threat:	Malware download
Reporter:	ClearlyNotB
Abuse complaint sent (?):	Yes (2024-08-03 08:27:18 UTC to abuse{at}tencent[dot]com,abuse{at}qq[dot]com,jsquare{at}tencent[dot]com,dreamsruan{at}tencent[dot]com)
Takedown time:	1 year, 0 month, 2 days, 2 hours, 34 minutes (down since 2025-07-31 11:01:30 UTC)
Tags:	supershell-c2

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT
2025-03-14	n/a	exe	2cee18bb350d77d4981895f2145e5d7a4527ac2ec57c90420df0511371f2ab28	n/a
2024-10-04	n/a	exe	522137e05dda91a4bb9f52b13e73f2938e8f9a1917243162ec4c5e1ce10897ba	n/a
2024-08-17	n/a	exe	3288c8731242b9f0f406d419f5dd6b2a93739e89ffadfd04497e5f83069abc7e	n/a
2024-08-14	n/a	exe	d9459f1eb1da1a0d7e3d4548b614f8e3d028a5d7797fd1ec72b52ffeda6f2cbc	n/a
2024-08-03	n/a	exe	efc9e08763b007f9c9d3e6b36cd612539a54e058a6dcd488edcff4e214ca40be	n/a