URLhaus Database

You are currently viewing the URLhaus database entry for http://92.255.85.66/cmd.bat which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3476003
URL: http://92.255.85.66/cmd.bat
URL Status:Offline
Host: 92.255.85.66
Date added:2025-03-13 14:56:02 UTC
Last online:2025-04-10 14:XX:XX UTC
Threat:Malware download Malware download
Reporter: JAMESWT_MHT
Abuse complaint sent (?): Yes (2025-03-13 14:57:06 UTC to abuse{at}changway[dot]hk)
Takedown time:27 days, 23 hours, 35 minutes Bad (down since 2025-04-10 14:33:02 UTC)
Tags:AsyncRAT link booking ClickFix dcrat FakeCaptcha xworm

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-04-10cmd.batbat 74c22ab5a6c013f0f4c6315df1b2e713e60d449f8a46c65c076483173d079b05n/a DCRat
2025-04-10cmd.batbat 633b044bcf1fa7936f1e1309a695daee87c2f471ccb76c8c5c2a4857c4984c06n/a DCRat
2025-04-09cmd.batbat d0142f10ed1e7349272813e9015389a46551b47fedc933c0835dc6813e2a5e7fn/a DCRat
2025-04-09cmd.batbat 185a038fec18df7a2dfccfe44c9785a037537cd5b60c898102850c2723371f37n/a XWorm
2025-04-09cmd.batbat 1a5b622cc3a97e1befa15d359ecea16c746e65b5152810e9e2a4138c6349e432n/a DCRat
2025-04-09cmd.batbat 5c04caf572ad92a2e8b814a734945995f78144f5fd6465e5f59af7b617e3bf80n/a XWorm
2025-04-09cmd.batbat e687316916028f877ee5792e6add214dc91b0fe5b447c55286469188ecd35e04n/a DCRat
2025-04-05cmd.batbat 2934a9348fe15bcc85228667593a6e5ce0a4b831ce481b290c1ba7ebeb907c20n/a AsyncRAT
2025-04-03cmd.batbat cc2137c6993dc3966cdf9195c6a5154c6a5e643fa7f90bdbc7e2522626fa9a56n/a
2025-04-01n/abat 831c046549baf96446eb206b122227561ce6b954c9327ff58f6b1b591cda1087n/a 
2025-03-29n/abat f3db3c6d6a578926f3d9381e202d5f526821f73efe5d686176992fce24b4ed69n/a 
2025-03-27n/abat 414ab1901a1a886b620d0c5abd373b578b76900418f23277ce552367718c5ff9n/a 
2025-03-27n/abat 43dfdadde2bff223a7a76ef1fa627b16b40307561bc306f59bb0a9c4d5b2c084n/a 
2025-03-25n/abat 89d6a6a24ca9271a5a2ef281a145686e2bdfbe1ac74d373aee6a35155a22d84en/aXWorm
2025-03-24n/abat 4c1ba27691d5769c9f11ad811cda424f3e2f9a86d982e1130e6ad3d351fc1df2n/a AsyncRAT
2025-03-23n/abat d469bcb5cb4dc1a6d21cb0e2b93af2f267f240ab7a2e6d35d0f8fc72a10c5d75n/a AsyncRAT
2025-03-21n/abat bba05c6a0fc079ada79891363c6b60f13df9e0a0d82be114c16c771a9fce2665n/a 
2025-03-19n/abat 40a9353f45f50c02ef5735174b2311d01a18b4524fdff64c60058fbfa2d55d0fn/a AsyncRAT
2025-03-14n/abat 28cb9fb33162a77696cf0edaabf75bb188d9b2bbdeb40963cd455f1430f57efbn/aAsyncRAT
2025-03-13n/abat cdd7f60e7d161ae694719ff61ce9c940eba89788581eeeba73bbb034be1988c2Virustotal results 3.39%AsyncRAT