URLhaus Database

You are currently viewing the URLhaus database entry for http://178.16.54.200/files/8167064937/jSR21kp.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3618125
URL:	http://178.16.54.200/files/8167064937/jSR21kp.exe
URL Status:	Offline
Host:	178.16.54.200
Date added:	2025-09-06 04:04:05 UTC
Last online:	2025-09-17 12:XX:XX UTC
Threat:	Malware download
Reporter:	c2hunter
Abuse complaint sent (?):	Yes (2025-09-06 04:05:12 UTC to abuse{at}metaspinner[dot]net)
Takedown time:	11 days, 8 hours, 45 minutes (down since 2025-09-17 12:50:15 UTC)
Tags:	c2-monitor-auto dropped-by-amadey Rhadamanthys

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-09-16	jSR21kp.exe	exe	4c085cb79516494946428cc4466f0df1b55caeb3c394a78c6af735231b1288d3	33.33%
2025-09-15	jSR21kp.exe	exe	13dd5ce20cadb5cb065eb812cf638b8567dd8f899d8a1d8b27b493a62194be93	1.39%
2025-09-14	jSR21kp.exe	exe	b020a00d492e10c75d1002c2da0289a21219738ad456c7eb49721613665a9966	45.83%		Rhadamanthys
2025-09-11	jSR21kp.exe	exe	a5140d64bce3be4aebeb337098ee690b4da670caec044c9ae0dab78c6a5bb492	45.83%		Rhadamanthys
2025-09-09	jSR21kp.exe	exe	99f9692c01489daaec146807f05e426b9dd73be2d880fb0a1648c0e990aaeb15	42.25%		Rhadamanthys
2025-09-09	jSR21kp.exe	exe	677be338532b255e041fda3f46d6dc8ab38f332bc9e00c53d9d3708e7c1422a7	43.06%		Rhadamanthys
2025-09-08	jSR21kp.exe	exe	1219a35d6d435d8a9354e6f13d43c257d2add70a48e5fd5e9515d560a7098f5f	47.22%		Rhadamanthys
2025-09-06	jSR21kp.exe	exe	f5bc4cd08a3e95935a848c97c435a0fc41b3a118c45a5baf3e50e6e69a109aff	40.85%		Rhadamanthys
2025-09-06	jSR21kp.exe	exe	7318d8ba13163a478dbc19f16c0a742f84721121bd8016be27a228a5b1aac86b	52.11%		Rhadamanthys