URLhaus Database

You are currently viewing the URLhaus database entry for http://111.231.145.137:8888/supershell/compile/download/2.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3086407
URL:	http://111.231.145.137:8888/supershell/compile/download/2.exe
URL Status:	Offline
Host:	111.231.145.137
Date added:	2024-08-03 08:26:42 UTC
Last online:	2025-07-31 11:XX:XX UTC
Threat:	Malware download
Reporter:	ClearlyNotB
Abuse complaint sent (?):	Yes (2024-08-03 08:27:18 UTC to abuse{at}tencent[dot]com,abuse{at}qq[dot]com,jsquare{at}tencent[dot]com,dreamsruan{at}tencent[dot]com)
Takedown time:	1 year, 0 month, 2 days, 3 hours, 10 minutes (down since 2025-07-31 11:37:48 UTC)
Tags:	supershell supershell-c2

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2025-05-09	2.exe	exe	010dbb511dd4591b051b7f34483fc9dbfdbc8c387ac21542f5f653eed5811134	n/a
2025-03-13	n/a	exe	a9591b2e7c884ebfaf809f5d3365d7ccaa7cf973fe7f7ffbdf7f0d66ad8de2c0	n/a
2024-08-23	n/a	exe	9b8492ba2103fd32a3823d4cbb0ce4c94632a454b09b73e33e8e6f3e6b468ce0	n/a
2024-08-09	n/a	exe	4f7a2290ca2519755272a2732947d20da2d0f048daee06ae53ec11209395035e	n/a
2024-08-03	n/a	exe	eac4b5ccc69f0e43af59045cb2d382aaf8bbe1ffcd904c3613ff9c4cbe8e1cd0	n/a	Supershell