URLhaus Database

You are currently viewing the URLhaus database entry for http://192.252.181.93:6635/192.238.176.82.dll which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3558529
URL: http://192.252.181.93:6635/192.238.176.82.dll
URL Status:Offline
Host: 192.252.181.93
Date added:2025-06-05 09:25:44 UTC
Last online:2025-07-20 15:XX:XX UTC
Threat:Malware download Malware download
Reporter: Riordz
Abuse complaint sent (?): Yes (2025-06-05 09:26:07 UTC to mfjp{at}hotmail[dot]com)
Takedown time:1 month, 15 days, 6 hours, 11 minutes Bad (down since 2025-07-20 15:37:53 UTC)
Tags:Gh0stRAT opendir

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-06-21192.238.176.82.dlldll 604a9afc40cd7682ba01acc1093794222250aa4035052ca0ea06866e80eb4d24n/a Gh0stRAT
2025-06-20192.238.176.82.dlldll 19ebdc7b3ff3c6f58ab8e44ee0bf00dc2c6b2b5eb8306eedf599fc931a3cff36n/a Gh0stRAT
2025-06-19192.238.176.82.dlldll 840e6389f39fb7b852088a8e853752e96b0d4e97d86b36ccf985f5d64587bb5dn/a Gh0stRAT
2025-06-18192.238.176.82.dlldll a381766a30275abb55bb9e76e1c8cb7501217cc16c295c36a40025948f8ffa7cn/a Gh0stRAT
2025-06-17192.238.176.82.dlldll 4db8ab7adaf93ff4297bd59ba2eed4b4df25465dd90a10ad255ae373ec7ab077n/a 
2025-06-17192.238.176.82.dlldll 34b85f680e67cf2d97c9ba63760d34eb6f5c05c88318a3ce2c53d3747f706eben/a 
2025-06-16192.238.176.82.dlldll bf591fcd9b16814a7d3bb5b86fe5836c997e6c8ba545d75680287620d1bd6f59n/a Gh0stRAT
2025-06-14192.238.176.82.dlldll 8414010849025de5574cbf313dda23e3035312842cee0c5de48b90aa3080f421n/a Gh0stRAT
2025-06-11192.238.176.82.dlldll b918255d40ac798774c3b861ffbf06c25774d5d702cd9b1528d0d647e300fe8dn/a Gh0stRAT
2025-06-09192.238.176.82.dlldll f8610f83b26aa03e9a9f53546e4d9ea74c34a58dcf8042d887014a4938f325e5n/a Gh0stRAT
2025-06-07192.238.176.82.dlldll 18ec2949c252cba11225b2ef2fc37847253c0bb2d0349a093ac38c6b3f8892b2n/a Gh0stRAT
2025-06-06192.238.176.82.dlldll 4ecb266da15d24719908d9df6515ce31339bdbc0b0fa8186fd66713371029cb3n/a Gh0stRAT
2025-06-06192.238.176.82.dlldll 6fddee12262f702de7ff59bf6a8178069576ae4ca57eae62d9d3c7cfb3814a53Virustotal results 44.44%Gh0stRAT
2025-06-05192.238.176.82.dlldll e341ad06bffac6637eceabcca1809cb2cb0378a4a02a0deb60c6be8536e97d81n/aGh0stRAT
2025-06-05192.238.176.82.dlldll c9fc0c580e2cd2e376e7103422b581255da63295b94a96cd9121afa467a6583an/aGh0stRAT
2025-06-05192.238.176.82.dlldll 39de176c5876211820f2a565b740fdbb716cb0c9a27798732a9beeddef32b509Virustotal results 40.28%Gh0stRAT
2025-06-05192.238.176.82.dlldll a81700bf767bd7c4ee3ba71c954ad1bc37b89818a8953466bb7d858f8a4d26bdVirustotal results 44.44%Gh0stRAT