URLhaus Database

You are currently viewing the URLhaus database entry for http://178.16.54.200/vidar/random.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3629695
URL:	http://178.16.54.200/vidar/random.exe
URL Status:	Offline
Host:	178.16.54.200
Date added:	2025-09-23 04:03:09 UTC
Last online:	2025-11-13 23:XX:XX UTC
Threat:	Malware download
Reporter:	Bitsight
Abuse complaint sent (?):	Yes (2025-09-23 04:04:10 UTC to abuse{at}metaspinner[dot]net)
Takedown time:	1 month, 21 days, 19 hours, 53 minutes (down since 2025-11-13 23:57:16 UTC)
Tags:	dropped-by-amadey Fuery Vidar

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-11-11	random.exe	exe	106ffec87882f140fb281377d91eab714c0322c4d44792185fc66b5680703ca7	47.14%		Vidar
2025-11-05	random.exe	exe	61722eb8fa05bc092a7944a030103adf69d2194ac91d8c00f61310b449703c53	65.15%		Vidar
2025-09-25	random.exe	exe	b085a54ff0c006b14309eb3edec70182ae7b036b15ccacb5b44dad1fcfd1c5b6	66.67%		Vidar
2025-09-24	random.exe	exe	0600a18987f182dfedaaffef3b529beee84c986f63871be0575351a1ec9f67c2	45.83%		Vidar
2025-09-23	random.exe	exe	5eaae03c8e4ed36c193e417b9880826a5d88ca742a7bb2acc44e492e6d6d0bd5	48.61%		Fuery
2025-09-23	random.exe	exe	b8a791235fabe8db66a82b80c5181b7fc7cd8959a7ccbca2d92add748ded8061	48.61%		Vidar
2025-09-23	random.exe	exe	100975a98a47d7ccb7b9eff463bcdf69f65e7507d19e77037112faeddb858665	50.00%		Vidar
2025-09-23	random.exe	exe	9807eec6992f0d00473b7001dc9ed2e38dba5030ad9b2953a6b81336b14156d0	50.00%		Vidar
2025-09-23	random.exe	exe	e31f7b0dab8595e78282418c3f710f8ead116fad81155c77a9bfb4b7d0418989	45.83%		Vidar