URLhaus Database

You are currently viewing the URLhaus database entry for http://8.219.76.168/02.08.2022.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3604757
URL:	http://8.219.76.168/02.08.2022.exe
URL Status:	Offline
Host:	8.219.76.168
Date added:	2025-08-16 17:08:09 UTC
Last online:	2025-12-08 12:XX:XX UTC
Threat:	Malware download
Reporter:	DaveLikesMalwre
Abuse complaint sent (?):	Yes (2025-08-16 17:09:11 UTC to abuse{at}alibaba-inc[dot]com)
Takedown time:	3 months, 23 days, 19 hours, 17 minutes (down since 2025-12-08 12:26:53 UTC)
Tags:	censys CobaltStrike

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-12-08	02.08.2022.exe	unknown	d5537070dcb0ce82d4eabac7adedd94ff000473badf9e10440073c7869060b28	n/a
2025-12-08	02.08.2022.exe	unknown	7028e30c2a44e77c89e9dc74b857f7bea970636e674d336cbff1c5850b7c0e0f	n/a
2025-12-02	02.08.2022.exe	unknown	6ea85df65b5fdc279b50d345153682ef1d9ef81fa75f359ea29d666e0e725616	n/a
2025-08-18	02.08.2022.exe	unknown	14c8cef88d48fa1cbb0536184a84a3347a50333cecf52fa7509a99dead8c899e	22.58%
2025-08-16	02.08.2022.exe	unknown	1eb512eded07f4573d3431860008cc1507f850b165b39f44cea8765bc12681b4	32.26%