URLhaus Database

You are currently viewing the URLhaus database entry for http://167.160.161.247/v9d9d.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3588297
URL: http://167.160.161.247/v9d9d.exe
URL Status:Offline
Host: 167.160.161.247
Date added:2025-07-23 06:24:11 UTC
Last online:2025-08-16 11:XX:XX UTC
Threat:Malware download Malware download
Reporter: c2hunter
Abuse complaint sent (?): Yes (2025-07-23 06:25:21 UTC to abuse{at}virtualine[dot]org)
Takedown time:24 days, 5 hours, 28 minutes Bad (down since 2025-08-16 11:53:57 UTC)
Tags:c2-monitor-auto dropped-by-amadey Vidar link xworm

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-08-15v9d9d.exeexe 989e84e3c0e940df3edd50cfdc5173bfbbacca2aebe5f0ef21e28abdeefb7338Virustotal results 55.56%Vidar
2025-08-14v9d9d.exeexe 95a86f8b4ac54d0bd92bd8e16960df8291b50cbeef9d0a2986c150e2398c4ad5n/aVidar
2025-08-09v9d9d.exeexe aa49684e48cdc3a3b706973c0c55fd1a2be03aa0337e15810db20f6a08c127a9Virustotal results 46.48%Vidar
2025-08-09v9d9d.exeexe 533a1cbaf3c2c3104d299f74907cf34a2ce7e27835d117986e07fdd16b0114beVirustotal results 43.06%Vidar
2025-08-08v9d9d.exeexe 57cfcfba691c1a71a6de3dc65e0d5bef29d7df2435803a9a4c48279782254136Virustotal results 47.22%Vidar
2025-08-05v9d9d.exeexe 5762b29db8dc3a8985d0bf4c1705f3ae2bef29ae5b63fcbfd7d2a846bfdce719Virustotal results 68.06%XWorm
2025-08-01v9d9d.exeexe 7f64c92cede8839e819c95c151e3e24e408b988841dc991e3b5a599664b57ab2Virustotal results 42.25%XWorm
2025-07-31v9d9d.exeexe 265f7a20ba64eab0b84802260e96705f3714245feef25364ba3e9ca1f3808704Virustotal results 29.58%XWorm
2025-07-26v9d9d.exeexe 56b7434758412a53e839c141c5e801de7c74851af1187a76675dc6b3ce80fdb2n/aXWorm
2025-07-24v9d9d.exeexe f8e72c4db348eb70ec22401abfc618e8a58f115c41be7acb36fd6732f367c37cVirustotal results 45.71%XWorm
2025-07-23v9d9d.exeexe 2cd8c0e75cf76381f06dfe465a542e52eefa713b0bea2557763e0c0c45b21481Virustotal results 68.06%XWorm