URLhaus Database

You are currently viewing the URLhaus database entry for http://178.16.55.189/download.php which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3627677
URL:	http://178.16.55.189/download.php
URL Status:	Offline
Host:	178.16.55.189
Date added:	2025-09-20 12:05:08 UTC
Last online:	2025-10-19 23:XX:XX UTC
Threat:	Malware download
Reporter:	abus3reports
Abuse complaint sent (?):	Yes (2025-09-20 12:06:12 UTC to abuse{at}metaspinner[dot]net)
Takedown time:	29 days, 11 hours, 17 minutes (down since 2025-10-19 23:23:31 UTC)
Tags:	Amadey DarkVisionRAT DeerStealer Fuery PureLogsStealer Vidar

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-09-29	random.exe	exe	be68f32481e1551531f9c2ae9322870aa30e48224fb0ad1f4468b04ec07374c0	51.39%		Amadey
2025-09-29	random.exe	exe	fef4e8d6e9431c96dbbc0ae0c1c12e250157a1b50d2858991347bd20d5bf87cc	52.11%		Amadey
2025-09-29	random.exe	exe	6c8df9ee7a0ce4e39e9e0c72a94cae8dbc9ec4cee84ffd7d3b5d33a056085094	50.00%		DarkVisionRAT
2025-09-29	random.exe	exe	f8bdb7cb9b9008e30a8b9d065f7a94ff540b782de7eb51f0c269d79170bb2da9	48.61%		Amadey
2025-09-29	random.exe	exe	8493979834f86d5a401013220e8824e311453f43e6a194d5c6b55c1adec1f1c0	n/a		Amadey
2025-09-29	random.exe	exe	181f051df6d407e880496a7fe9dc783d51bfafd020567ef00165244c98f9ca43	50.00%		Amadey
2025-09-28	random.exe	exe	66bd2a985ada30d21faa3368a8216e114d9cb4ceaae53b2fce043b50f6d3d425	50.70%		Amadey
2025-09-28	random.exe	exe	8221df5fdf6420026e0967b9bd8264817a6c79ba47840dec2a60fb337239c17c	n/a		Amadey
2025-09-28	random.exe	exe	f4ed700aeb8977830e6efcb07152b164bce888c1faa1390ebe79683664b2995d	n/a		Fuery
2025-09-28	random.exe	exe	3fa79d30ade82212459c00e824856606f7f6a4be3a2f2febb1bcd43c9963f8f5	50.72%		Vidar
2025-09-28	random.exe	exe	a73ba81711d4049b13b9ec3ea166c91de6755df53c4704c751891cccd8bb48ad	n/a		Amadey
2025-09-28	random.exe	exe	62a262e95ed05d0f243291a11590f67361b81174f95487b8b3715d5c6ef48874	n/a
2025-09-27	random.exe	exe	04c3b236d210af7f804011afa45185570703ad0743cb5cf328005a6eca89350b	38.89%		Amadey
2025-09-27	random.exe	exe	ad886fc114f854138d7ab75193cd398eb4cb249532578009dcf77e0f98cbd30d	37.50%		Amadey
2025-09-27	random.exe	exe	84316594f26386b25f9b369a27f0c3c11024092a9458889fa9bacad231955098	n/a		Amadey
2025-09-27	random.exe	exe	b79f1811acfa855940fdcffbb6153cdeb78a4ee50ba2ae7c79707b98d8e88a50	n/a		Amadey
2025-09-27	random.exe	exe	74327031083e683ea028d86b71d6fe61c1c0880752ee2fd7734fbd3f98eeb8bd	40.28%		Amadey
2025-09-26	random.exe	exe	a86ed4486e94dff6eb177dca69d82a82196df705edf109ee5881fc23de083b9a	40.28%		Amadey
2025-09-26	random.exe	exe	6cc6588bff38e5d2e8eb393136b043aacca9d31e90148ce2f55a0b54462d912e	n/a		DeerStealer
2025-09-26	random.exe	exe	3391b3e5e9f0c0fb78e8c14ea983e17138ae198d8309e0d13b2becd371a83f43	n/a		Amadey
2025-09-26	random.exe	exe	606893daf8b3c537928271885685304eb67b54d4241eb36ffa9b2107ffd6b3d5	n/a		Amadey
2025-09-26	random.exe	exe	15db7131285cf91627267e17d8eda3c9d4662da4a7880e561c1d99a6ecdb8f16	55.56%		Amadey
2025-09-25	random.exe	exe	4d65a411f7cf90a74011634ccd9441fe9794e0043406f572814c1d78610715f9	58.33%		Vidar
2025-09-25	random.exe	exe	346ea30c68be3c98af64565a3f96f62ee84abec924f6b5e5b9ece6b8b0102084	58.33%		Vidar
2025-09-25	random.exe	exe	4fe52983a08c618395753004a88802ecdfd5b9d2b2aa060bf3b373080b513f08	55.56%		Amadey
2025-09-25	random.exe	exe	4f9135df891490592f8453497168c549a18a780820d545fd5fe6641f41f162d3	n/a		Amadey
2025-09-25	random.exe	exe	641432223349438ea4dd53f1c484f2de9cd0ac71d2952205578faba9cd47e5ce	55.56%		Amadey
2025-09-25	random.exe	exe	37a8ece468fc976a0d1ef48068a0f94a5a4dabecdc69165009dd644aa95c2d05	n/a		Amadey
2025-09-25	random.exe	exe	67449e82e6a7ab239b466cc5e476effb0fda2da267debaef16887a3af2da5a85	51.39%		Amadey
2025-09-24	random.exe	exe	85835b86cf3d566fc8d3486b2f31695f96cfcdc55112faf010b0e35ffb678b8a	n/a		Fuery
2025-09-24	random.exe	exe	d0e134d82d0a11bb352b751910f52fa8da90e309abce2520f8b66bba2e3d1c66	54.17%		PureLogsStealer
2025-09-24	random.exe	exe	f3666f5240aae021e24baf6ea57498f089b8a7bd0ce8a4e508e7e5a645ac682d	54.17%		Amadey
2025-09-24	random.exe	exe	90175f4a60a456dbc1fa3945b99160ea0d837d2f874f5903f58cb9fa67bf0484	54.17%		Amadey
2025-09-20	random.exe	exe	7a3ea1f8ddff3751f6148c6f7da2aa702ad053ba7c7a182b9a94faf2b3b44a43	75.00%		Amadey