URLhaus Database

You are currently viewing the URLhaus database entry for http://117.72.39.83:30005/02.08.2022.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3241382
URL: http://117.72.39.83:30005/02.08.2022.exe
URL Status:flame Online (spreading malware for 1 year, 7 month, 16 days, 5 hours, 36 minutes)
Host: 117.72.39.83
Date added:2024-10-18 12:58:26 UTC
Threat:Malware download Malware download
Reporter: abus3reports
Abuse complaint sent (?): Yes (2024-10-18 13:00:03 UTC to ipas{at}cnnic[dot]cn)
Tags:CobaltStrike link shellcode

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2026-04-1502.08.2022.exeunknown 4a34d0499660f9312fb0be419237b90f52d1c94f8d3c2db3e928414d5fcf20c8n/a 
2024-11-28n/aunknown 2b5ff616501abc2da3798e42c7033efc9a4e44ad1708cdc5126e8066eebbc5abn/a 
2024-11-27n/aunknown 4a21ab5ddb51a75027630a44740b1b8f27a76d30593b42fc1b9a832aa532efb4n/a 
2024-11-27n/aunknown 7406913ace2fcbfa7845344e2798ef46f1bb5c16870be9b89dff0a055fa88ab0n/a 
2024-11-27n/aunknown f13f4c9a4a4cc7412f9880422728f7c6c8bd2d40aff1000b406852e4e165b2a5n/a 
2024-11-14n/aunknown 67d5a2b899b13bad507cd3ad5607479a82f2f6307d01bc893055c8b37490e15bn/a 
2024-10-30n/aunknown 76dced3e0ac068f29da0eff2c54cf7a0d73b43d0f847364de5b24718bd561ab8n/a 
2024-10-28n/aunknown 1c0c0b1796aa83aa204513323d22917668b3269d77e6d9fa86bbf4efd5ecc1d0n/a 
2024-10-18n/aunknown ba09f6ecebb68c1450111084e73eff7996e12e991223667b690af8470ca02491n/a