URLhaus Database

You are currently viewing the URLhaus database entry for http://178.16.55.189/files/5900855435/lZq6RaQ.exe, which is being or has been used to serve malware. Note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 3668639
URL: http://178.16.55.189/files/5900855435/lZq6RaQ.exe
URL Status: Offline
Host: 178.16.55.189
Date added: 2025-10-11 18:22:10 UTC
Last online: 2025-11-02 17:XX:XX UTC
Threat: Malware download
Reporter: c2hunter
Abuse complaint sent: Yes (2025-10-11 18:23:20 UTC to abuse{at}metaspinner[dot]net)
Takedown time: 21 days, 23 hours, 27 minutes Bad (down since 2025-11-02 17:50:32 UTC)
Tags: c2-monitor-auto dropped-by-amadey Vidar link

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

First seen | Filename | File Type | Payload (SHA256) | VT (Virustotal results) | Bazaar | Signature
2025-10-31 | lZq6RaQ.exe | exe | 20da71093221ca7d4b1e19f8bd67867d38d1abb469f8c9bd52fee87074f4be02 | 29.58% | | 
2025-10-22 | lZq6RaQ.exe | exe | 47929177ca687f37d0a34d43078b6bcc379813af5c99fc0b09e50488519ba092 | 30.56% | | Vidar
2025-10-19 | lZq6RaQ.exe | exe | 2419abe4eae2b337a874c1a473f08a259f4b81b6b2b5060770cedb3af01eb365 | n/a | | Vidar
2025-10-17 | lZq6RaQ.exe | exe | b3ac7e225f7966453e984e4ac014a3f5342e204f3ea00981eaf14b5ac366cb5e | 51.39% | | Vidar
2025-10-16 | lZq6RaQ.exe | exe | 9d28f28752111022a963e0f7cd765b418f77796c042ece9a58ce24926f79fdfa | 47.89% | | 
2025-10-13 | lZq6RaQ.exe | exe | a4974611d6912f7ada262daf6791a71913620b56fe0b5e0c12c3d094d47fd144 | 50.00% | | Vidar
2025-10-11 | lZq6RaQ.exe | exe | eaf3380be5ef1bff98fef23b114b28531dfb7423e25dfc94d7e76bdc43997327 | 47.22% | | Vidar