URLhaus Database

You are currently viewing the URLhaus database entry for http://176.46.157.32/files/7002513081/OM8hqGX.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3582013
URL:	http://176.46.157.32/files/7002513081/OM8hqGX.exe
URL Status:	Offline
Host:	176.46.157.32
Date added:	2025-07-12 17:36:06 UTC
Last online:	2025-07-20 06:XX:XX UTC
Threat:	Malware download
Reporter:	c2hunter
Abuse complaint sent (?):	Yes (2025-07-12 17:37:18 UTC to luke[dot]ross{at}mnttr[dot]com)
Takedown time:	7 days, 12 hours, 50 minutes (down since 2025-07-20 06:28:12 UTC)
Tags:	c2-monitor-auto CoinMiner DarkTortilla dropped-by-amadey

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-07-19	OM8hqGX.exe	exe	5c33a9ec7196f6675182a1667a766872558a0695b498bf11dbf9e13ea40679dd	48.61%		CoinMiner
2025-07-18	OM8hqGX.exe	exe	78a339ccdda10717f172f2c3b8c5028d1645e4bef2553c310048cc48474c77e6	50.00%		CoinMiner
2025-07-18	OM8hqGX.exe	exe	ed803ceeaa6babdbb096febced3f3079704863c42c1b52f0bafe63cadfc0f8e4	52.78%
2025-07-18	OM8hqGX.exe	exe	599fb4b756c133f7dc12af9a5eed18fdfa97936c1810820cf741871920f360e2	47.22%
2025-07-17	OM8hqGX.exe	exe	6885a0db87791739a8d32a379834d1059d28aafbb3cae8f63c825e1ce26540d2	13.89%
2025-07-16	OM8hqGX.exe	exe	b23004bd040f5da91c776bfc771163612dabc1a101147b0e3c4649516bfa3ef2	39.44%		CoinMiner
2025-07-16	OM8hqGX.exe	exe	c37f9f6fa02dc6b3cc5322b12bf8a4040018cbe8abde59f4b6a6aa1c86001255	31.94%		CoinMiner
2025-07-15	OM8hqGX.exe	exe	4470b101958a5adedddfacfd96728fd4634cfa6f03155fda67b25bb1b024feac	n/a		CoinMiner
2025-07-15	OM8hqGX.exe	exe	7c32e1a7b1fb5f8f56b7b70b66444a6caa7e81b26aa5713605e447f161260518	12.86%		CoinMiner
2025-07-14	OM8hqGX.exe	exe	2bef31684e29fd0bc2c664a1118f0984cb29ef3043685756895aeaabcf00c089	18.84%		Athena
2025-07-14	OM8hqGX.exe	exe	34b0723c579cb8b73b9c4c79878e2f234e8d099dd976a359e309a5b8a6544c58	45.83%		AthenaHTTP
2025-07-13	OM8hqGX.exe	exe	9e4a9dd953d97360ff0df3e0c82dfb4d4c414f9efc3069adc202eecfb131da48	37.50%
2025-07-12	OM8hqGX.exe	exe	6e24d211ffbc893adfc360912b9bd2b4c1ae1ef630a2ee030d58878a130b7d66	30.56%		DarkTortilla
2025-07-12	OM8hqGX.exe	exe	3d95b7e35cb112da2be8378c01d0ff1a88c29301c6456966e7a16fb08fdd2581	48.61%