URLhaus Database

You are currently viewing the URLhaus database entry for http://80.147.155.189/AV.scr which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:3696132
URL: http://80.147.155.189/AV.scr
URL Status:flame Online (spreading malware for 8 months, 14 days, 17 hours, 57 minutes)
Host: 80.147.155.189
Date added:2025-11-04 12:32:29 UTC
Threat:Malware download Malware download
Reporter: Riordz
Abuse complaint sent (?): Yes (2025-11-04 17:52:30 UTC to abuse{at}telekom[dot]de)
Tags:CoinMiner

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2026-06-20AV.screxe 52ba4fcb694508d6d20e44bcd7a5e3d98f7cce9d1e34522390ac45d7e3a5f674n/a CoinMiner
2026-06-13AV.screxe 4c91f1c07f419e17177e295a498ace31b4d706ac206e590cffe832298ed17741n/a CoinMiner
2026-06-01AV.screxe 6c189c8e9f79fb1b884bc394a3320e0e64153bcdd23574eb39c4dc4a69f5b506n/a CoinMiner
2026-04-02AV.screxe 94dd5d6afd8ba90d4ee015912e64f4d8009510659eb62d8166f8c62a5cf9e7fbn/a CoinMiner
2026-03-19AV.screxe 323c379fd65c63e519c5afb17c90d1a06861796f6c3c95432c1c53712f41c5aen/a CoinMiner
2026-02-27AV.screxe 7c1fafff7305dbbebfaaf3f8a034e058e2190a587cf0fe21d5de1c935aad8bacn/a CoinMiner
2026-02-16AV.screxe a7023411c34c8ba83e9ee9444a3fae1310858e09405ea86242a5304997cf570cn/a CoinMiner
2025-11-04AV.screxe af94ddf7c35b9d9f016a5a4b232b43e071d59c6beb1560ba76df20df7b49ca4cVirustotal results 80.56% CoinMiner