URLhaus Database

You are currently viewing the URLhaus database entry for http://8.134.74.227/gg2.hta which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3594332
URL:	http://8.134.74.227/gg2.hta
URL Status:	Offline
Host:	8.134.74.227
Date added:	2025-08-01 14:58:35 UTC
Last online:	2025-10-24 11:XX:XX UTC
Threat:	Malware download
Reporter:	BlinkzSec
Abuse complaint sent (?):	Yes (2025-08-01 15:08:09 UTC to anti-spam{at}list[dot]alibaba-inc[dot]com,abuse{at}12321[dot]cn,abuse{at}alibaba-inc[dot]com)
Takedown time:	2 months, 23 days, 20 hours, 29 minutes (down since 2025-10-24 11:37:35 UTC)
Tags:	geofenced ua-wget USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-10-24	gg2.hta	hta	48a1a559f2b229ea4b5ba68175663249ffc85f5ffc7d3ecf8fc4e270ffa513ac	n/a
2025-10-12	gg2.hta	hta	c3cef0d64c1f62713be5b27d586af79e9bb65d8ba78117c951c758d421aa1038	n/a
2025-10-08	gg2.hta	hta	1de2ba24e272c06abd291ce413b2f3d935285dc55463827549b22396f401aefd	n/a
2025-10-02	gg2.hta	hta	12e09180acdbd6e2620c333973c37aa66347503202015d47bbcf4f278d4461f7	n/a
2025-09-01	gg2.hta	hta	65e7379384f0debbb9dab01c7c3f9764d1f878b39ec3546ab273ca1d4730fafc	n/a
2025-08-31	gg2.hta	hta	11da62138e7f93ad21217e884246c2341e5ffc8faab0b5f6b02205ff08fc6122	n/a
2025-08-28	gg2.hta	hta	0e8c1bd6494bd82dc0f3ad1e21815f7348e1bfe412b7b0bcd22a58d523fd204b	n/a
2025-08-11	gg2.hta	hta	00be7f643a12ac2221c9ba8df4fb34b3701c336fa830d24fe906c55364ef7b35	n/a
2025-08-02	gg2.hta	hta	68b297d80aa383884c5b1c657a8f05864912f5d38023317a5a0b8caacb55fa68	n/a
2025-08-01	gg2.hta	hta	cc0d485085cf6b766fd94f4dd4887b947de79aed10d4b2bc18f3fab393deadea	47.54%