URLhaus Database

You are currently viewing the URLhaus database entry for http://185.215.113.202/dima/doza.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3194531
URL:	http://185.215.113.202/dima/doza.exe
URL Status:	Offline
Host:	185.215.113.202
Date added:	2024-09-28 05:46:48 UTC
Last online:	2024-09-30 00:XX:XX UTC
Threat:	Malware download
Reporter:	Bitsight
Abuse complaint sent (?):	Yes (2024-09-28 08:18:08 UTC to automatic-abuse{at}eliteteam[dot]to)
Takedown time:	1 day, 15 hours, 56 minutes (down since 2024-09-30 00:14:33 UTC)
Tags:	Amadey dropped-by-PrivateLoader

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-09-29	n/a	exe	20d9acb0d91c57d13c1df79abafb9b9a5fbc9f6d4a449a262d7994e43fb7fc4a	53.42%	Amadey
2024-09-29	n/a	exe	83f5e08f80cb28ba3197e06721b05fc1a1018cb7ea908f054aea6a69014e1a13	n/a	Amadey
2024-09-29	n/a	exe	5d9fc820933c650e6a2e6cb69325278662fcb03e60e75d6df2e5cefc72db628b	n/a	Amadey
2024-09-29	n/a	exe	70548a31ac0812cee3dc42335bf57c28b78acb3b07f8188908f2bc98b9264eef	n/a	Amadey
2024-09-29	n/a	exe	8cc3bfc14bfd957d4583038b11fb8af4e00a04a583386ff6c3c725e5c1090045	n/a	Amadey
2024-09-29	n/a	exe	7071c814904d91a8d268d259f7f95ad3350a347f74728f8c7d547e8eab136936	n/a	Amadey
2024-09-29	n/a	exe	52aab14110d4d305945b7de0928a31063149c628eb6a48da85676d56c4af7094	n/a	Amadey
2024-09-29	n/a	exe	75dbd0f0f93f31f736409d0ffe5b2eaca1f18a99c20df7c8bb110d3b087fb1c5	n/a	Amadey
2024-09-29	n/a	exe	04d8c976b57bc159cc7057a32676743cbfae8bf4b7b272bc6d4e5ebdc9f9d696	53.42%	Amadey
2024-09-29	n/a	exe	d16bb3a9b96e4375eb301294651389efa855a3118bb41194b784681dd967613f	n/a	Amadey
2024-09-29	n/a	exe	e559b32ada8136d3ba5d2bd7ecac169d46b7f1bf94294455015f1addcd1cce6d	n/a	Amadey
2024-09-28	n/a	exe	6d612fa30dc3d5d416ff383950e5528a6cf9dbfd1957542f4072fc6f7256a278	n/a	Amadey
2024-09-28	n/a	exe	04b63bf59e6d4faa38f94b884c8a75a5fdcf604d55a34b812bfd6830b93da63a	n/a	Amadey
2024-09-28	n/a	exe	15211d34ba516b8e443ec8b0ca75743734ba69655c2f040eacc0dcc9313fc77d	58.33%	Amadey
2024-09-28	n/a	exe	261356f9a9c838b0253940fd80f858424e91cf40164927ed8ea97871926d47bf	n/a	Amadey
2024-09-28	n/a	exe	bf597d69c23d39e614dcd08a8134e5ab45e85c59df8842a3b6b41b3b0c7d1fec	n/a	Amadey
2024-09-28	n/a	exe	0f13463688483d8a85c27899e05c954ec546372676f649d73e3c831d26d35202	n/a	Amadey
2024-09-28	n/a	exe	7506ac19a0bd3bd64301fc1d5df02cb769fc870d17165bbead327e162b552e11	n/a	Amadey
2024-09-28	n/a	exe	1bc72350fb89f491007af570e1f0af1d67cc4131b3f9154375dba9df150c336a	n/a	Amadey