URLhaus Database

You are currently viewing the URLhaus database entry for http://150.158.25.244:9000/Photo.scr which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3216404
URL:	http://150.158.25.244:9000/Photo.scr
URL Status:	Online (spreading malware for 1 year, 7 month, 28 days, 18 hours, 59 minutes)
Host:	150.158.25.244
Date added:	2024-10-06 12:49:13 UTC
Threat:	Malware download
Reporter:	NDA0E
Abuse complaint sent (?):	Yes (2024-10-06 12:50:26 UTC to abuse{at}tencent[dot]com,abuse{at}qq[dot]com,jsquare{at}tencent[dot]com,dreamsruan{at}tencent[dot]com)
Tags:	CoinMiner exe iframe Photo.scr scr

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2026-01-11	Photo.scr	exe	8ca04742759885a99448de88d61d2733086c2751efdb581e2fac584900291180	n/a		CoinMiner
2026-01-11	Photo.scr	exe	d1884ec780ee2f1e0bd266718f937e85913187faf4b8481fddd0baf00173af75	n/a		CoinMiner
2025-11-22	Photo.scr	exe	59c722747cc264682b96263be92ea44dafeda98e53534ca90b5dec17adfb79c4	n/a		CoinMiner
2025-05-09	Photo.scr	exe	2bdea622c10c35b18cd7ec7f24041858d6008cb2afe952f6940ee1df212c8da3	n/a		CoinMiner
2025-05-09	Photo.scr	exe	0e8b39b1b3f50542090b33e494f1d8d1df5602324ac59cc8fc358b5abb03ebe5	n/a		CoinMiner
2025-05-08	Photo.scr	exe	eb6ffdf891ee91ef8614e25aea56c5382cada167d5f19f9deb51a72084371fa9	n/a		CoinMiner
2025-03-03	n/a	exe	2d20214a6aa402ce1cd92b0cafd18bf70373cbdd4edd8c60ed63ae65aab8e5f0	n/a		CoinMiner
2025-02-26	n/a	exe	d386750e7539ddf5ef4482010d69d7d7256ed8b5a01c2a65963d25204536f4b8	n/a		CoinMiner
2025-01-25	n/a	exe	0bb6d67db338058303e03e5cdba4bfe3621f699e46d859b2b560fe23c64e639d	n/a		CoinMiner
2025-01-25	n/a	exe	dff919dc7a1e1edacfaddcec9e761f4b3deacd83004b918589014f14415d2e59	n/a		CoinMiner
2025-01-25	n/a	exe	d48f81f9de532f46d2b086e0f91a34b84ebbbd8d7643c036f6767b5b5203ae15	n/a		CoinMiner
2025-01-24	n/a	exe	35d6e1e70841b390b9fffd93a47f04e57524cb83dbe60ae4b279059a21471c5d	n/a		CoinMiner
2024-10-06	n/a	exe	807126cbae47c03c99590d081b82d5761e0b9c57a92736fc8516cf41bc564a7d	95.83%		CoinMiner