URLhaus Database

You are currently viewing the URLhaus database entry for https://myguyapp.com/c.hta which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3390123
URL:	https://myguyapp.com/c.hta
URL Status:	Offline
Host:	myguyapp.com
Date added:	2025-01-05 13:08:04 UTC
Last online:	2025-09-24 13:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	DaveLikesMalwre
Abuse complaint sent (?):	Yes (2025-09-24 09:46:11 UTC to abuse-network{at}squarespace[dot]com)
Takedown time:	9 months, 12 days, 16 hours, 40 minutes (down since 2025-10-15 22:55:25 UTC)
Tags:	opendir RemcosRAT

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-10-15	c.hta	hta	47fa0540ba7d7a8585a19a2570ddf6e242aabe69b4dfca6a5fb9de12b7d6ab27	n/a		RemcosRAT
2025-10-15	c.hta	hta	b2066155166f6710e10464f3521dd07ab933e505a180685c9afc0446dd9d1b0b	n/a		RemcosRAT
2025-10-14	c.hta	hta	7d9791d782389b41ff2d404af89bd0ca7d4fcd66aca90924ab0aa897f64a2315	n/a		RemcosRAT
2025-10-14	c.hta	hta	2f873494b5a1eac3a557a123655f00b7d4c9ff922f3463b8f63bc3f951703ae5	n/a
2025-10-14	c.hta	hta	b9558083225f05848166c8d302e28c05dfc74a2859685bc3bd90a4c6d72e66cd	n/a		RemcosRAT
2025-10-14	c.hta	hta	173c13cdc1ace03d81d15907326f8f19aa99384c01953b381062344edd65adfc	n/a		RemcosRAT
2025-10-14	c.hta	hta	f0b816758ff729a70ec550eec49ee19e45b26a2c60824945f7536223a21d0f63	n/a		RemcosRAT
2025-10-13	c.hta	hta	6f28ce8051bf63a2d81402911b87d908bc8fee5de32c8e62a87f9ff52867c375	n/a		RemcosRAT
2025-10-13	c.hta	hta	3013921b1e5885406d0b4d0fa3abcc8f42196898b28fde35e79c4b1180d2418b	n/a		RemcosRAT
2025-10-10	c.hta	hta	5662877c2be6c685ca2eea4fe9419df3fb838bba9afcf99516c676fbcd1eb302	n/a
2025-10-10	c.hta	hta	d83736db415cef3f5c045285e8c856e9b9edf56af49e96070244ff400eaaa932	n/a
2025-10-07	c.hta	hta	5c15fd20b20f8f9a17d73d39ea28f08580f0d161f838194be7174a97ab38a16d	n/a		RemcosRAT
2025-10-05	c.hta	hta	9e6800e000d6e4cfadd0ee4a184b17173a46c992733f9be13cfe5493c59c19bb	0.00%		RemcosRAT
2025-10-02	c.hta	hta	4ab38f80b73f7b0d8a21434fb6ce8a4d8b1df12e489b752cb647b765de686734	n/a		RemcosRAT
2025-09-30	c.hta	hta	64fa7d3ddce9c491fcfde0aad67ece20958a2db5f8d25296d672ee3ac536678b	n/a		RemcosRAT
2025-09-29	c.hta	hta	3b696c1bccbd0207488b548f781bc022b80d5bab7a39a43052f30ef358562f94	n/a		RemcosRAT
2025-09-26	c.hta	hta	c8638846eefddbcbd97d5cf879734e46abb6c12d6faffc411a0c061ed3a0eaff	0.00%
2025-09-24	c.hta	hta	32786c34948771caa669cbbe5d3720a7d2875c554b7b898872ad9cf953e820ee	0.00%		RemcosRAT
2025-01-12	n/a	hta	8da5bb4d9cfd29718720e839bb75ee58f92b6e41f0181b6eede4234d3122dab6	n/a		RemcosRAT
2025-01-06	n/a	hta	bbe818541c34a4def85455fa7a1392d2ded1e76ca6d89f08125a13d09ea4b93a	21.31%		RemcosRAT