URLhaus Database

You are currently viewing the URLhaus database entry for http://94.76.156.101:280/Photo.scr which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3216306
URL:	http://94.76.156.101:280/Photo.scr
URL Status:	Online (spreading malware for 1 year, 7 month, 28 days, 9 hours, 20 minutes)
Host:	94.76.156.101
Date added:	2024-10-06 12:46:14 UTC
Threat:	Malware download
Reporter:	NDA0E
Abuse complaint sent (?):	Yes (2024-10-06 12:47:16 UTC to abuse{at}airenetworks[dot]es)
Tags:	CoinMiner exe iframe Photo.scr scr

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2026-01-20	Photo.scr	exe	22439050d012a16fa5788cbe4a5aa4e2529f80fb79e7d814c90ad60642bf793a	n/a		CoinMiner
2025-11-27	Photo.scr	exe	c84d58bfc2ce011c438e1b9f282cbd1e0fb48cbf4c36e1de455710f292668513	63.01%		CoinMiner
2025-10-26	Photo.scr	exe	af94ddf7c35b9d9f016a5a4b232b43e071d59c6beb1560ba76df20df7b49ca4c	80.56%		CoinMiner
2025-10-03	Photo.scr	exe	0a28f3a0c8c96eac42d4c2ea785a32f0b1be6210ce5d694d39489a8c4bd812bc	n/a		CoinMiner
2025-08-12	Photo.scr	exe	d92d4d2fce388868ed8b69a5617af1596226cc662c01d0904a4ba9aa9e080db0	n/a		CoinMiner
2025-08-03	Photo.scr	exe	3fde84a46aea58ba4ddb5fb0473fc756ff209ba96b1a63a2759d13b8adc01a69	80.56%		CoinMiner
2025-07-31	Photo.scr	exe	589a4688f7ef6b121394b8c50296764055d31ca9e66cd42ff55b6623a4ec47f1	n/a
2025-04-19	Photo.scr	exe	945ec8c794a455eeac52c98a63d18d4d34262793e7518609c143389e87653e6f	2.78%
2025-03-15	n/a	exe	e2965119b0567254f6dfd852207cc9a55983eb4dfbc4729583ed206792eb1506	n/a
2025-02-21	n/a	exe	7fe8f2cb0e90fe0740f640a6301d078cadc95c498cadbe6e0ebcd5dc8ad05446	n/a
2024-12-27	n/a	exe	c0d596cdedcf0df14590f91a647a5522797e777b0671ee8432e9a4f4c2731c19	4.17%
2024-10-29	n/a	exe	017fc95857c1a288903f988a25ea23e6d176c334eae31c40c7effb08cdcea2a8	n/a
2024-10-06	n/a	exe	960a686fcf9befd614f7bd7b254336a199eb6de16a583f4e3bda9cbff20a18af	n/a