URLhaus Database

You are currently viewing the URLhaus database entry for http://178.16.55.189/am_def/random.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3632845
URL: http://178.16.55.189/am_def/random.exe
URL Status:Offline
Host: 178.16.55.189
Date added:2025-09-27 04:07:07 UTC
Last online:2025-10-25 17:XX:XX UTC
Threat:Malware download Malware download
Reporter: c2hunter
Abuse complaint sent (?): Yes (2025-09-27 04:08:10 UTC to abuse{at}metaspinner[dot]net)
Takedown time:28 days, 13 hours, 20 minutes Bad (down since 2025-10-25 17:28:45 UTC)
Tags:Amadey c2-monitor-auto DarkVisionRAT dropped-by-amadey

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-09-30random.exeexe 8f606b680619d04a3bdd3b1928c145ec5ff522039aaefe97e677ff3d77281471Virustotal results 51.39% Amadey
2025-09-29random.exeexe d099e6f121bff3d1802dedb6aa9bb3855e0694b267163f210b3ceda3b0c224feVirustotal results 54.17% Amadey
2025-09-29random.exeexe db468e864b1e92bcff891e27f7c2f5c5e5b325b2a0845d8cbdaaf1962fb9931eVirustotal results 52.78% Amadey
2025-09-29random.exeexe b74032eb26fe93730fd8d74c49a2607c415fb345d1461f02a255208dfe880326Virustotal results 50.00% Amadey
2025-09-29random.exeexe 4a95a037ecdaa6c46bb8d2c149721ace2e9a10fcf9f4458436bd8d65f4cdcdf5Virustotal results 52.78% Amadey
2025-09-29random.exeexe 4388645e1544d4b88bfcb4a743216b9f57a6de4fa6530fd7d8f8060c70f3c008Virustotal results 54.17% Amadey
2025-09-28random.exeexe 63ba5cc79df95b2cd08c9be63c38601a16cb6e3f94443a5b04cf65e4290e04a6Virustotal results 52.94% Amadey
2025-09-28random.exeexe d2b6d12724a10e88043ebf0cab90d1af4e4182d18058958423a5be5c71562773n/a DarkVisionRAT
2025-09-28random.exeexe b692501dce20c2f0a59db04b6402a0d6e12193a1d62a9a4d880167fc3ffd324eVirustotal results 52.78% Amadey
2025-09-28random.exeexe 63e2bb0c1101e1b513fb620d4e66427fe8b376368a751ee2e555300c1d43642bVirustotal results 52.78% Amadey
2025-09-28random.exeexe c11e2df958e38a3102ad5b5c77b3f2d9e133b03213e2fdea5ac1a758679c1300Virustotal results 52.11% DarkVisionRAT
2025-09-28random.exeexe 19b43280e8756f0955cb02a66789c5c4111f24366e384e89e913f5cd3639be9eVirustotal results 45.83%Amadey
2025-09-27random.exeexe 0b84c41e64fd38edfad75e2cd55b9851c7c6d4955e7fa55efb20e8104fbc3d3fVirustotal results 37.50% Amadey
2025-09-27random.exeexe aab9d0ec8fe4e77ee20eb1ffea83cd7ccb402ab34856961f0bf353cc7ccbf8c6Virustotal results 40.28% Amadey
2025-09-27random.exeexe 24afb08f0052a3ae1db2c45c9b3beb44a5a010ae7b0d00546afdbba024e56bb1Virustotal results 41.67% Amadey
2025-09-27random.exeexe cd51e69bac0e8956433cd5f8ee2dd90a0321b6c79dc05dbdc84de363ab251733Virustotal results 39.13% Amadey
2025-09-27random.exeexe b42256a0e9632bda5338a23bbbb8a750f204b343d6f561d3412baef66077739fVirustotal results 38.03%AurotunStealer