URLhaus Database

You are currently viewing the URLhaus database entry for http://147.45.44.104/yuop/66b1f63c9578f_doz.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3094139
URL:	http://147.45.44.104/yuop/66b1f63c9578f_doz.exe
URL Status:	Offline
Host:	147.45.44.104
Date added:	2024-08-07 06:46:08 UTC
Last online:	2024-10-22 16:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2024-08-07 06:47:08 UTC to karina-rashkovska{at}ukr[dot]net)
Takedown time:	2 months, 16 days, 9 hours, 35 minutes (down since 2024-10-22 16:22:59 UTC)
Tags:	exe Vidar

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-10-18	n/a	exe	aca95a82e228e5ce61839dbed9a01c19ab12d5095e96730c0038d64ccade3646	n/a
2024-10-17	n/a	exe	c70d43962ccd395ff449f6f0491a5b591b1fbbb9e4aa851f575af57f62ce75e1	n/a
2024-10-15	n/a	exe	676c95b8cfcfb1ab0c62b014f684a20f254732a8995d0a5d2d6a0f5f9bd71bb1	n/a
2024-09-27	n/a	exe	fb34913588c28186e19099c90bcfdd52f330fce7aa0183d362f949dcf05574dc	n/a
2024-08-13	n/a	exe	f907cc26f6f10798fb00cc1f89e225a699a300269b49abe71d96f8fd52825334	n/a
2024-08-07	n/a	exe	59778733797d1033f33e5803810777b199bab7a53710c385c9f8b1cea648d4ec	20.27%	Vidar