URLhaus Database

You are currently viewing the URLhaus database entry for http://8.134.74.227/gg4.hta, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 3594335
URL: http://8.134.74.227/gg4.hta
URL Status: Offline
Host: 8.134.74.227
Date added: 2025-08-01 14:58:35 UTC
Last online: 2025-10-21 05:XX:XX UTC
Threat: Malware download
Reporter: BlinkzSec
Abuse complaint sent: Yes (2025-08-01 17:17:10 UTC to anti-spam{at}list[dot]alibaba-inc[dot]com, abuse{at}12321[dot]cn, abuse{at}alibaba-inc[dot]com)
Takedown time: 2 months, 20 days, 11 hours, 47 minutes Bad (down since 2025-10-21 05:04:19 UTC)
Tags: geofenced, ua-wget, USA

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
