URLhaus Database

You are currently viewing the URLhaus database entry for https://github.com/sdifru877234/ilu123g5/raw/main/svchost.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3271605
URL: https://github.com/sdifru877234/ilu123g5/raw/main/svchost.exe
URL Status:flame Online (spreading malware for 1 year, 7 month, 1 days, 2 hours, 26 minutes)
Host: github.com
Date added:2024-11-02 14:33:20 UTC
Threat:Malware download Malware download
URLhaus blocklist:Blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: abus3reports
Abuse complaint sent (?): Yes (2024-12-20 07:39:01 UTC to noc{at}github[dot]com)
Tags:exe

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-01-11n/aexe b4301e2983875c3849b02cf13e24e54f043e204a14cb03cb75278950172dc03cn/a 
2024-12-28n/aexe 296bd7309e1c71c9a17c3ed9cd11c9ffc59c525b63fafd90037ccb2537e65384n/a 
2024-12-21n/aexe 4ff71208155418ffa9e22eec6d28f3582ced6a5a681b6776e691684ce42fe69bn/a 
2024-12-13n/aexe f80f3da6ae0e604c3f1cb9d2fdb2e42027a492e5d17bb5b18b145adc4858cdb2n/a 
2024-12-08n/aexe 268a60a481621e4ae3dc0678615e9408027af59dcca1fb499858f65a935bee00n/a 
2024-12-07n/aexe 8a9d61a28db80cd1367d1278714ce2637e0f0f53cde6f14761c8ba8d77d3f673n/a 
2024-11-08n/aexe 65611377bddd6b7da73acccbf16ec2d04f6714d627205be8d0bd458d00f88fb5n/a 
2024-11-02n/aexe 86d3d5b15b0a85a25f326efe0c90a6d71363b542e5469409f51ff90d89182021Virustotal results 46.67%