URLhaus Database

You are currently viewing the URLhaus database entry for http://178.16.55.189/files/6331503294/dPzCoRY.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3692077
URL: http://178.16.55.189/files/6331503294/dPzCoRY.exe
URL Status:Offline
Host: 178.16.55.189
Date added:2025-10-31 16:37:05 UTC
Last online:2025-11-14 00:XX:XX UTC
Threat:Malware download Malware download
Reporter: c2hunter
Abuse complaint sent (?): Yes (2025-10-31 16:38:18 UTC to abuse{at}lanedo[dot]net)
Takedown time:13 days, 7 hours, 26 minutes Bad (down since 2025-11-14 00:04:22 UTC)
Tags:c2-monitor-auto dropped-by-amadey

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-11-04dPzCoRY.exeexe 4d69e1c88a9ca803fd7f02395dc2f3a737c32a13fe6ee801cb908fb075cd0e86n/aKamasers
2025-11-04dPzCoRY.exeexe fa47763a09fbe543d0bb5fbbf2d72951aac7838f1246d619eb468d26aa722a9cVirustotal results 32.39% Kamasers
2025-11-04dPzCoRY.exeexe 29b3dfdbdae2fb75d026615923acd5b7077b75237bbeaa86010fe3802cfeaaf4Virustotal results 41.43% Kamasers
2025-11-03dPzCoRY.exeexe f937330f1a51c49e95e340d0375361538024f7b780e10c41199639ec77b50892Virustotal results 19.72% Kamasers
2025-11-03dPzCoRY.exeexe 9608fee6bdc92ce6e6053f8c894f541db1bfa2c7047801a7a4a89b152d0401f9Virustotal results 39.44% Kamasers
2025-11-02dPzCoRY.exeexe 5acb1edeae8bca1433be58b753a706cd780b3e716409d495bb2ab0dc27cc02e3n/a Kamasers
2025-11-02dPzCoRY.exeexe 64a8ba6ec8000379f646ee407c1b41d7c863d8d5d7b6a5e9d9ba1215b82aa177n/a Kamasers
2025-11-02dPzCoRY.exeexe dd9979d21eabb6d6579af907c1d95006fe097db115aea4c6c1bb4cfb27224e9fn/a Kamasers
2025-11-01dPzCoRY.exeexe 0b1ecc0ac68dd937d32badda22ec6839ce1075e41eff12218a1a9da54325089dn/a Kamasers
2025-11-01dPzCoRY.exeexe 1208b953fd3d04800a4f9dfa91057d417050cb9c30fcaea308017ee45b8dcb28Virustotal results 15.49% Kamasers
2025-11-01dPzCoRY.exeexe 37b837ffcb5419a477eda3c4b50a17a06674c3e1fc92e94c7daf4daa16d758f7Virustotal results 30.99% Kamasers
2025-11-01dPzCoRY.exeexe 8ab8cc1e5d8c1d158091a107581d238723fc0fd28d5b49217849863af3d1737eVirustotal results 29.58% Kamasers
2025-10-31dPzCoRY.exeexe 3227540da89670874293cc6e3254294d65171786368c6f295d54f3560d595c11n/a Kamasers
2025-10-31dPzCoRY.exeexe 6258e673b8bfafeeb1c5a3e928af342d91d70fd42e940b8a011b66eb154c1e8cVirustotal results 30.00%Kamasers