URLhaus Database

You are currently viewing the URLhaus database entry for http://144.172.71.105:1338/nova_flow/patcher.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3129654
URL: http://144.172.71.105:1338/nova_flow/patcher.exe
URL Status:flame Online (spreading malware for 1 year, 9 month, 8 days, 23 hours, 48 minutes)
Host: 144.172.71.105
Date added:2024-08-26 16:53:09 UTC
Threat:Malware download Malware download
Reporter: SynapticShaam
Abuse complaint sent (?): Yes (2024-08-26 16:54:09 UTC to admin{at}galaxygate[dot]net)
Tags:exe

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2026-01-11patcher.exeexe 95fa37fcd61f31e09a5f58cdf0fab5f01363fb96c3ebb1749650d29b3a6cf010n/a 
2026-01-11patcher.exeexe 4b93d62b51cd0ce97f0dc0dec47c2ac567c4f943ec2f9d265a7d616a2cf52cf2n/a 
2025-08-10patcher.exeexe 62ecbc31c422c3151e9305c720a5b5387a9252a81907ba4f8ea8bbdcdae1f9a5n/a 
2025-08-08patcher.exeexe a48925434cc7849e03f55e1e452ad501cc14c6d6b947cac6533c8c62503a82ean/a 
2025-07-17patcher.exeexe 36a56bd3de36b6794859aa962389b042a540b169d808d22e3008317ac9127cf9n/a 
2025-05-09patcher.exeexe 8d2ff09a92562c3da490413d27a906c5f2b829e4001f9ebb9fed4f574f081820n/a 
2025-05-08patcher.exeexe 95f066b01ba5605ec2d29b2a4e2867425fda56681365ef91b81a6a4b2272c21en/a 
2025-05-08patcher.exeexe 7e932330080edac584f08fb6982f2f6a705803182e3c9918fed16174bdaffe03n/a 
2025-03-16n/aexe 4f05c0124925e52e0c6e878a4cc3b3696b1246f1d6d1f2292dcb4bcda9bf2cd3n/a 
2025-03-16n/aexe 0678108afabbcbcd2b6f96dfaf8abae5a1a85ec12b0afdb423b90e5786c6d5d4n/a 
2025-03-15n/aexe 7d0abd57efa0771545fc46e662c42d6923867b348c3935019c3d2853c2fc772fn/a 
2025-03-15n/aexe dd35284e8c10ac17e2e8f03963910bf07e9782afeeb046a6ae4df3ad7a23a971n/a 
2025-03-14n/aexe 0bcb1336b49960bbd5bcee1806119bf069d2c442ab532f3266db47cde2e92c69n/a 
2025-01-26n/aexe a9f34b1e112005f845fa0d7105e21992f5532346cc800ade1b7812d52928b611n/a 
2025-01-25n/aexe 6f8817ee302e7dca3af39c80cc18a2acff030ff7f455fc4660b7c1d5a89482d9n/a 
2024-09-20n/aexe ba5a91f69c120a356ec57eb55beca47ddce895c7753ad52783d63eb2c61e42c6n/a 
2024-08-26n/aexe b36cc9e932421fed1817921a41d4340577a4785f658d8f0e9a2b95ef4444be4fVirustotal results 8.00%