URLhaus Database

You are currently viewing the URLhaus database entry for http://pid.fly160.com/download/etermproxy.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3236236
URL: http://pid.fly160.com/download/etermproxy.exe
URL Status:flame Online (spreading malware for 1 year, 7 month, 19 days, 6 hours, 41 minutes)
Host: pid.fly160.com
Date added:2024-10-15 15:27:00 UTC
Threat:Malware download Malware download
URLhaus blocklist:Blocked
Spamhaus DBL :Abused domain (malware)
SURBL :Not blocked
Quad9 :Blocked
AdGuard :Blocked
Cloudflare :Blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Blocked
DNS4EU :Not blocked
Reporter: abus3reports
Abuse complaint sent (?): Yes (2024-10-15 15:27:30 UTC to anti-spam{at}list[dot]alibaba-inc[dot]com,abuse{at}12321[dot]cn,abuse{at}alibaba-inc[dot]com)
Tags:exe

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-03-10n/aexe 657512d4cbe3e4c08cc79e5e4f296788a39551b8f58ceddb95e22e7df8544cb5n/a 
2025-02-05n/aexe 8ed397d2b559fdc8d3a3523f33c2b925e8a92ef06874e69a8fc01abbd6ab0a11n/a 
2025-01-12n/aexe c236d3a5ab073b21d3d396ce8d75d060d62fd1ca8c7204433c0e4d8ddc870355n/a 
2025-01-02n/aexe da8bebb9b5d3ab673b5d58750fb585a2bdc81c69b145e0b705efc6d26d24948dn/a 
2025-01-02n/aexe 973498eb9f02a54213b3cc8aee4cdd42a898b96a9a5272b4202a969082d944c5n/a 
2024-12-31n/aexe ffa392a9d844c5fbb499a52ee403fc1c5a936b8172833cf9850d645af296c079n/a 
2024-12-29n/aexe e70546ee1adffa369d793e8466cb27d8620f2a106ea432875819ed7aa7fe1f88n/a 
2024-12-28n/aexe 6aae370af052b4a93b5ff4e0a5e507168006d0bc4be4fc46d77520859ad90804n/a 
2024-12-28n/aexe acb248e7fad0ceca9507db9bf395dd7def722296de1fad6703947dee3cea0776n/a 
2024-12-26n/aexe fcaeed1bc6ab9482bf284e279d597c4e50e22d0d6a66f5b9da6116c2c96bd4e3n/a 
2024-12-25n/aexe 7a2585996b7dd26bd0addf1151d94a7d238df2a8bc42e70c0ead8ecd9f2c0990n/a 
2024-12-24n/aexe c6a0535d972989111d6c078d3f14b8c8223c4bce7363b3d29b6d481845b9cb11n/a 
2024-12-24n/aexe 1c7898314458cc982377d15a7eb5a27cd488e311dafae33c464237a13c055697n/a 
2024-12-23n/aexe 3e496927a576be5a27e8460afd87e22d412a360d3c4fab8708e40f2abda38f51n/a 
2024-12-23n/aexe 368520c6cdfc5e7cd9f16ce9fd296ac43a4f80ed6df9affb5a1e140a8d5b0f58n/a 
2024-12-22n/aexe 2a156767eb92afe25871dde992f76b8a4aa92100a9edd2cc69ad996948db4af2n/a 
2024-12-20n/aexe 050c579c5361646d74171e2c6ed0ffc88e5a2f3545d3e5af548abee1309e137fn/a 
2024-12-17n/aexe 8d25798f46b54ba77cbb590b5679c7c9e8915cf716c66a347344d4c5374ef7d8n/a 
2024-12-10n/aexe dd13d81fe1c2f8282c67a3505e1c278019948d0bdaa4d97c1feee0748f1c7a7en/a 
2024-12-09n/aexe 3addfc04eff7e20b52eccf53249704f46e324109d006ca6937e9ae44bdf395cbn/a 
2024-12-07n/aexe f9ef779b9b566b59e47a92b12f1c149149f15456d1a150b656db92312e66f6f2n/a
2024-10-15n/aexe eec3465923bf6b5dd10a7dd9437687342b6278d2709b0840731e77d53571c29eVirustotal results 33.33%