URLhaus Database

You are currently viewing the URLhaus database entry for http://92.255.57.155/1/1.png which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3332613
URL:	http://92.255.57.155/1/1.png
URL Status:	Offline
Host:	92.255.57.155
Date added:	2024-12-06 07:38:04 UTC
Last online:	2025-01-30 23:XX:XX UTC
Threat:	Malware download
Reporter:	abus3reports
Abuse complaint sent (?):	Yes (2025-01-07 09:30:24 UTC to abuse{at}changway[dot]hk)
Takedown time:	23 days, 14 hours, 9 minutes (down since 2025-01-30 23:39:43 UTC)
Tags:	ascii ClickFix jpg LummaStealer png powershell ps1 ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2025-01-17	n/a	ps1	592c6bce92a8a7e8052ef0eb61393e32700330effb1c192b7e9f10318d153cc7	n/a	SharpHide
2025-01-17	n/a	ps1	db1d824950b92359265e42fe821a236bef325b18e5ebf22d15b0119b474f827e	n/a	SharpHide
2025-01-15	n/a	ps1	7a302873d938c744663bfef42692b39c79fca02e2b1c9c722f5c7b4cce183239	n/a
2025-01-13	n/a	ps1	242bcd645791e2e5892c80260c2e517f91d218d5cb5846bc1f18e1874b08aea0	n/a	LummaStealer
2025-01-07	n/a	ps1	1417811e6df4fa655aa70a388473d57e529526674011fd60a1ea56b86684118b	34.48%