URLhaus Database

You are currently viewing the URLhaus database entry for http://178.16.55.189/files/6849343518/4G5UhJ6.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3667185
URL:	http://178.16.55.189/files/6849343518/4G5UhJ6.exe
URL Status:	Offline
Host:	178.16.55.189
Date added:	2025-10-10 13:06:09 UTC
Last online:	2025-10-12 16:XX:XX UTC
Threat:	Malware download
Reporter:	c2hunter
Abuse complaint sent (?):	Yes (2025-10-10 13:07:13 UTC to abuse{at}metaspinner[dot]net)
Takedown time:	2 days, 3 hours, 8 minutes (down since 2025-10-12 16:16:11 UTC)
Tags:	c2-monitor-auto CoinMiner dropped-by-amadey

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-10-12	4G5UhJ6.exe	exe	fb710f58f94eba2aaf7e08c8244c7db62b54846c1172ae2c67d5d3c136b011f7	42.37%		CoinMiner
2025-10-11	4G5UhJ6.exe	exe	8f1712b4b01e63e948057b003ed9f03170b7e07ef00bd42c727c1566655a167c	36.11%		CoinMiner
2025-10-11	4G5UhJ6.exe	exe	130de93b5de238f676cd414bea496529b15ac03ecbddefb08818601f1ae548aa	37.50%		CoinMiner
2025-10-11	4G5UhJ6.exe	exe	3632d5da1963195c17c55d73e380c2c64ae7ad852efdbd9b8a611414d549a752	36.11%		CoinMiner
2025-10-11	4G5UhJ6.exe	exe	82020c7b85af0b6a1e342e4c63e1c91c060fa5b84081bc2cacb1c1e1c3178b7f	33.33%		CoinMiner
2025-10-10	4G5UhJ6.exe	exe	8d0f4482b1cfb5e552082dc80f516f3544f86b97018f1797ec9d1a0a86cd5459	22.41%		CoinMiner
2025-10-10	4G5UhJ6.exe	exe	984dbd06c3a8ece43142e45d61b2aa3dfae7be270edc66153dc8d521f481d1ef	33.33%		CoinMiner
2025-10-10	4G5UhJ6.exe	exe	47d57b7dc72f31edd3b52e8c78b7fe0846d7ed8114f8ab98b9a1f5d8e8e89bd2	33.33%		CoinMiner