URLhaus Database

You are currently viewing the URLhaus database entry for http://222.186.172.42:1000/W1.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3303914
URL:	http://222.186.172.42:1000/W1.exe
URL Status:	Offline
Host:	222.186.172.42
Date added:	2024-11-25 07:19:18 UTC
Last online:	2025-02-07 15:XX:XX UTC
Threat:	Malware download
Reporter:	Joker
Abuse complaint sent (?):	Yes (2024-11-25 07:20:17 UTC to anti-spam{at}chinatelecom[dot]cn)
Takedown time:	2 months, 14 days, 8 hours, 23 minutes (down since 2025-02-07 15:44:00 UTC)
Tags:	BlackMoon malware opendir PurpleFox

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2025-02-07	W1.exe	exe	77ecac98989267d0503b5bc44eb6774b1adda1a8e30730893c8f85166f3a1555	n/a	Blackmoon
2025-02-06	W1.exe	exe	2224054c7362ae46b50e6a62ec049fa3a8bd954dbb6a1afcc668f62f4d79bfa8	n/a	Blackmoon
2025-02-06	W1.exe	exe	261b1c2d0e31f69104153fe05745e57a122b9c2c34c7d51e72386118f5b25501	n/a	Blackmoon
2025-02-05	W1.exe	exe	392285ff25200ab97af7317653eed8118837709b1d47ce30234bb302661c02b5	n/a	Blackmoon
2025-02-04	W1.exe	exe	aa7ee5070bd94e267632b7d0b00ca3b48d17bdbde04c996d6fe03d5fc44b4bc3	n/a	Blackmoon
2025-02-03	W1.exe	exe	29711fe5d45464c9aeb8146c9a459b71d8407383f3bbc9af5817d8bbe0f24fe8	n/a	Blackmoon
2025-02-03	W1.exe	exe	25d2aaa00963f8ca95b6025aefeeb321969e4d50cee6294e2db9cf9cad40db8a	n/a	Blackmoon
2025-02-02	W1.exe	exe	622f5c5e5493a96cb549e3bd7da092b9cc09f105d1d16715d895dbf338c53463	n/a	Blackmoon
2025-02-02	W1.exe	exe	7fbd06f97dfb12b31c6c205f99ae6e371e829594a99ba6810f1f44626649981e	n/a	Blackmoon
2025-02-01	W1.exe	exe	eb5338fac0a30e52c4619ba42fe3ac2fae3ba292b524fe30a28499141a6e4ed5	n/a	Blackmoon
2025-01-31	W1.exe	exe	c767976349ff13cd5a2be6f802fdae603aac05b5cf0b15e2531efdcbc53cebe4	n/a	Blackmoon
2025-01-14	W1.exe	exe	12508823d726974521247f4ac9369a0e5d59a507c3842d1fad519dbef262cfe4	n/a	Blackmoon
2025-01-14	W1.exe	exe	938966f927e928a932d8ee051744aed8c04d4c1439fa107048a7ec926a4eb43d	n/a	Blackmoon
2025-01-13	W1.exe	exe	82cb7b1127599ce4814f61dfed2049541584d5c5fda0f984e496aeebdb6c7000	n/a	Blackmoon
2025-01-12	W1.exe	exe	674d031f0e67d1459fb55269442285e88f341e2fb07bdf383628a78156712602	n/a	Blackmoon
2025-01-10	W1.exe	exe	1eec36cf4688961230093fd04c9bf8b5134ba600b013d28b6dc242dd99c2faf6	n/a	Blackmoon
2025-01-10	W1.exe	exe	86912f480116e5c7e239026d8ac32ae2995b7d1fbedd17c6105ef8c3cbc9e8c6	n/a	Blackmoon
2025-01-09	W1.exe	exe	66bf00d9dd10fed8fdd2926483d93850b66e771480c54d7aad4c21bdda05b9b7	n/a	Blackmoon
2025-01-07	W1.exe	exe	80deb271b11986781ccca3c0039ee5e7ca5a15c24517d3d8dbe59f45e5175808	n/a	Blackmoon
2025-01-05	W1.exe	exe	e2e3ffd0eeb1a1edb32cdfe8f3f5cdecf6cacd2e697eee913bd4a12b378117cb	n/a	Blackmoon
2025-01-03	W1.exe	exe	15f2381beb0e36b2871186404235afcecac027209295270fac8c0b504248d619	n/a	Blackmoon
2025-01-02	W1.exe	exe	b9bdfd515a797f60e2492d04e8f6775254ce297db858847cf514807514ca6ad2	n/a	Blackmoon
2025-01-02	W1.exe	exe	0cb5c8e6987f74a213353851dc12b7b3a08130fd5ebb18f4455c659e8f46442f	70.83%	PurpleFox
2025-01-01	W1.exe	exe	a387a5fccd194617e1a649830da9be2f38ecab5135c7d60e84802696275bffa7	n/a	Worm.Ramnit
2024-12-31	W1.exe	exe	1965eae229b47dfbf3a3738c0775d50b25e6c01330301c0b8dde7ab3ddef99b2	n/a	Blackmoon
2024-12-31	W1.exe	exe	35f0785bef5cf76d1a134d27cb112b81a1acedb21dc1cd62c74c98ce87d118a6	n/a	Blackmoon
2024-12-30	W1.exe	exe	7a04155ad4cf8bb3c05d0403dc992b7146c8be860166cb5d94d3032b86ffdecf	n/a	Blackmoon
2024-12-29	W1.exe	exe	99368a05831d8d098b465300c8656bae861219d3e39c67ffe4d4fdf46d4b4b24	n/a	Blackmoon
2024-12-29	W1.exe	exe	e5ecd3f6e706ea8337ee03a9755fdb5fc1e733163127447465fc5d076a846e94	n/a	Blackmoon
2024-12-28	W1.exe	exe	3e8cdc9a05d77b4f88bc807ffbcb92cc1f5ba10785f13b22ce527a0cfc2eb8ef	n/a	Blackmoon
2024-12-27	W1.exe	exe	39b09134c3593dbcc207e3440be7b081e16f8a7a69ffd8d6465bd82adcf87c54	n/a	Blackmoon
2024-12-26	W1.exe	exe	0e5ecb3a6a20712a002d73a0c865bc39881b37e06e8d795504cc478c3adf46c6	n/a	Blackmoon
2024-11-30	W1.exe	exe	7a8f2941c4a3bff5419afd6f3892c65badbe4b3b3db464e30c4fcae0a764dc52	n/a	Blackmoon
2024-11-29	W1.exe	exe	d60239bf70a519bf3e001512781fda8e19b62d5077da6a5a9b6ee8f9716d7018	n/a	Blackmoon
2024-11-28	W1.exe	exe	022673d584dd9e961f80527f7e5182e3fed4b5a1c829e870aab838abf9a33950	n/a	Blackmoon
2024-11-27	W1.exe	exe	e428e2d05fc215527ad85d8e53c8179409886fd88768ae23f2014ba3f2a012c0	n/a	Blackmoon
2024-11-26	W1.exe	exe	bba1680cb6d6c4d8d5310edb711bccde145b34c8b5fe13548ba7c578bd9a1916	n/a	Blackmoon
2024-11-26	W1.exe	exe	f525a484f46b6941448c249dd386c9a091fc0b7ad521c1df69fee9cb21e51191	n/a
2024-11-26	W1.exe	exe	2a32a0d1aa4a724a0b65a5281f0cf27d94e90b7bfd12d5fb38e7ad8e0712019a	n/a	Blackmoon
2024-11-25	W1.exe	exe	12e6299a5bd5d70f0c780b93e6da8123b88c892791966e40efdf1053eca4ef07	48.61%	Blackmoon