URLhaus Database

You are currently viewing the URLhaus database entry for http://92.255.57.221/cmd.bat which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3459620
URL: http://92.255.57.221/cmd.bat
URL Status:Offline
Host: 92.255.57.221
Date added:2025-02-27 10:59:06 UTC
Last online:2025-04-10 21:XX:XX UTC
Threat:Malware download Malware download
Reporter: JAMESWT_MHT
Abuse complaint sent (?): Yes (2025-02-27 11:00:08 UTC to abuse{at}changway[dot]hk)
Takedown time:1 month, 12 days, 10 hours, 35 minutes Bad (down since 2025-04-10 21:35:40 UTC)
Tags:AsyncRAT link booking ClickFix dcrat FakeCaptcha xworm

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-04-10cmd.batbat 9582023064360fc9b98fd05ff93fe2f8cd7f8053f7f089f664e18fd75346a4fcn/a XWorm
2025-04-10cmd.batbat be09f2dfbee69846084f749d10809b2f3e0ab73606c053dd3373806f72ec4981n/a DCRat
2025-04-10cmd.batbat c63ea2bea265182d9e73fb8932af743ed30a77476f12bac65652eed8ae27cf33n/a DCRat
2025-04-10cmd.batbat 7fe96dc0fd4411c13b62859cbbc34f143f6adcc8570baac88c078059b33310e8n/a XWorm
2025-04-10cmd.batbat d71e0170357de2c35fa0ef8a82776082a2accd044f6bd670f79337d5f32e1905n/a DCRat
2025-04-10cmd.batbat 0a542b81ed92232dc23d7d7f76ba64a37c90f5c884220f722439507bd13a7348n/a XWorm
2025-04-10cmd.batbat 1172b527bb7a5e02e5d63bc8bc2c49f4a3b879d12baa8743149beb087aa831a4Virustotal results 1.64% DCRat
2025-04-09cmd.batbat c57d662ac5ec5238119863adb573963bb52032cfbefb985fff41fbb24ad4186en/a AsyncRAT
2025-04-09cmd.batbat 368c1364524880b80c04cf4e08aaaa83e1f934896791d7d1931b48e0f8fb0eeen/a AsyncRAT
2025-04-09cmd.batbat 51928a22081419156a1b94058b8937ca47430b2c538cf9f29319976931724102n/aXWorm
2025-04-09cmd.batbat 3523993322f3aa9a7cc81107bea2c3653cc60d8bc1f2423c684b38d0ec47ae15n/a 
2025-04-09cmd.batbat 4712cdeb671b1b473dfdb2a52e6da63d5ed05d40dfd750604beae736b390697fn/a 
2025-04-08cmd.batbat 46733c4143afe1c402a018a656d6f7251e9de19c6a78c5f8b7bfeab6426a84ben/a AsyncRAT
2025-04-05cmd.batbat 900d718c3230fcd95879b24cb8be80a4f81d80a6aac65ab7e4af79eca10c351an/a DCRat
2025-04-01n/abat f25d2544fda54e67e49bd81a752e7c5398b4349abce8b89c18c7fcf926f1d841n/a AsyncRAT
2025-03-29n/abat 06d8f86a7b81f76f0d8b6b607d2c35e72e8d0e51ce0c49f04255b1a42956177bn/a 
2025-03-28n/abat fc05a132755f8986e2c3ecd7b46a32ca3458557ffdb1c8c74bfb0357b0f915e6Virustotal results 14.52% 
2025-03-25n/abat a7e15fc1d03183d90dd4ec899857b03361a604f2a97c6bddd3ad55ce34c77a5cn/a AsyncRAT
2025-03-24n/abat 1171234aee5df34bb434be61d4ec93fe1b93d7d5d90856adc846081a9b567acfn/a AsyncRAT
2025-03-23n/abat d7fb43c2298dfaea1d7510a21c13858e1c7e3b19ca3283a36fcb1ff4f21842e6n/a AsyncRAT
2025-03-21n/abat 076de973efc83fc1687bf63f0492d04390dc56a8c69d2f3e077ad7df0370a062n/a 
2025-03-19n/abat 288ab3eb454d4e779b3ce9df677189517a61d13eb19cc750b0a5cb6c7bd9a88fn/a AsyncRAT
2025-03-19n/abat c163be9b650e75fa9146b921954108d8700f484a3ad45ea50ae27bfed04da14dn/a AsyncRAT
2025-03-14n/abat ae5e307cfa874e710d4443cf42e03ad0efcaef7d0b9efa424781a3b8a32d6386n/a AsyncRAT
2025-03-12n/abat 2e5f27c97a9f4ca39ec96b4e636b7d84863e87f4e73885207c2183272f8f921an/aAsyncRAT
2025-03-05n/abat 7427e2ec06dd51f465fcfc0a2b68782b20d6632c2dcaeedddfa3408276bdd157n/a AsyncRAT
2025-02-28n/abat 450f94a61505838c596764d3e70dce13638ae0086e5695b09264258a859dc42fVirustotal results 3.33% AsyncRAT
2025-02-27n/abat 0769233b9cbbf15846e9f9ab01b281f120f54672aff41fde09640ed6c82e9a97n/aAsyncRAT