URLhaus Database

You are currently viewing the URLhaus database entry for http://185.156.72.196/setup?name=mixtwo which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3568889
URL: http://185.156.72.196/setup?name=mixtwo
URL Status:Offline
Host: 185.156.72.196
Date added:2025-06-21 12:57:09 UTC
Last online:2025-06-25 22:XX:XX UTC
Threat:Malware download Malware download
Reporter: c2hunter
Abuse complaint sent (?): Yes (2025-06-21 12:58:14 UTC to erishennya[dot]res{at}gmail[dot]com)
Takedown time:4 days, 9 hours, 19 minutes Bad (down since 2025-06-25 22:18:07 UTC)
Tags:c2-monitor-auto dropped-by-amadey gcleaner link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-06-25lapismixtwo.exeexe 23e53a8cba798c485a2f22722ba7f3b1ae28499e4f22611f7bb9d52299df1572n/a GCleaner
2025-06-25lapismixtwo.exeexe 173d1ec29d82e1162daa54c7d5769be12a4d1118272fbb12f9afd0db44331cf8n/a GCleaner
2025-06-25lapismixtwo.exeexe 29ffe7e78cff0e4e1db5b86445842a78c3de9bfaf1d7442737b9d85951ef6156n/a GCleaner
2025-06-25lapismixtwo.exeexe 0e400163a03dafcdd1fb201f1d14c3a44fee91f057d8f5801d1dbbc4db6b5a7dn/aGCleaner
2025-06-24lapismixtwo.exeexe 0c3ce441b639292339a0f6e243271c4e910415d1897f0891c32a012a2bfc1513n/a GCleaner
2025-06-24lapismixtwo.exeexe efc00dd0896804d8bab9f90b3067e07b14fbbefc170eb3952d5976972eceb6c4Virustotal results 29.17%GCleaner
2025-06-24lapismixtwo.exeexe 4f5e79d29982951b78fa9cd63cb22456551e757a0d27cd3047f7706fd3d03889n/a GCleaner
2025-06-23lapismixtwo.exeexe 07a9de2581b55a5fba83c10f562f694d50a6f8d5881cdc9266e33c3b767e8734n/a GCleaner
2025-06-23lapismixtwo.exeexe afb631837881c70f285d3d77d8de35dd2814883c476a03eb4744ed875ed577ean/a 
2025-06-23lapismixtwo.exeexe 336768966e5684381492731d70a8df1bf41cacd152e1cf365f49328de49da30en/a GCleaner
2025-06-22lapismixtwo.exeexe 99e790c29760d35a20fdf5882ad2c189bc39b37f3b4ff0497f5066085ad45307n/a GCleaner
2025-06-22lapismixtwo.exeexe a9de3b463a07b7825e21cd28b111f0408082a08590d984aae1a211f702233bd0n/a GCleaner
2025-06-22lapismixtwo.exeexe 4f7f98c277e40f4a20dc50363062f299913b3b6c0ced5d8b619fcadb2723f05dn/a GCleaner
2025-06-22lapismixtwo.exeexe 0e539d64cec7504ad5d06388a7a40f4ab99a8e7c84312d2d777bfa6d7d62af7dn/a GCleaner
2025-06-21lapismixtwo.exeexe 54fc1a767db0f3110bdafcac8cf91d54dd17c2ebf0d1e561633adcd0d231bd79n/a GCleaner
2025-06-21lapismixtwo.exeexe 428feb5950ab3d9e17d7e558dad0381a938776472a13227542731f0136e95e6an/a GCleaner
2025-06-21lapismixtwo.exeexe 07b2bcf3f6efa56c11a30d92a0d5182eaa680cc85da498982b85b20107f8c551n/a GCleaner