URLhaus Database

You are currently viewing the URLhaus database entry for http://80.147.155.189/AV.scr, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 3696132
URL: http://80.147.155.189/AV.scr
URL Status: Offline
Host: 80.147.155.189
Date added: 2025-11-04 12:32:29 UTC
Last online: 2026-05-27 08:XX:XX UTC
Threat: Malware download
Reporter: Riordz
Abuse complaint sent: Yes (2025-11-04 17:52:30 UTC to abuse{at}telekom[dot]de)
Takedown time: 6 months, 23 days, 14 hours, 58 minutes, Bad (down since 2026-05-27 08:50:44 UTC)
Tags: CoinMiner

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

| First seen | Filename | File Type | Payload (SHA256) | VT | Bazaar | Signature |
|---|---|---|---|---|---|---|
| 2026-04-02 | AV.scr | exe | 94dd5d6afd8ba90d4ee015912e64f4d8009510659eb62d8166f8c62a5cf9e7fb | n/a | | CoinMiner |
| 2026-03-19 | AV.scr | exe | 323c379fd65c63e519c5afb17c90d1a06861796f6c3c95432c1c53712f41c5ae | n/a | | CoinMiner |
| 2026-02-27 | AV.scr | exe | 7c1fafff7305dbbebfaaf3f8a034e058e2190a587cf0fe21d5de1c935aad8bac | n/a | | CoinMiner |
| 2026-02-16 | AV.scr | exe | a7023411c34c8ba83e9ee9444a3fae1310858e09405ea86242a5304997cf570c | n/a | | CoinMiner |
| 2025-11-04 | AV.scr | exe | af94ddf7c35b9d9f016a5a4b232b43e071d59c6beb1560ba76df20df7b49ca4c | Virustotal results 80.56% | | CoinMiner |