URLhaus Database

You are currently viewing the URLhaus database entry for http://217.8.117.132/qefyur/6q7jcqdx/belial/files/drop4.zip which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	370372
URL:	http://217.8.117.132/qefyur/6q7jcqdx/belial/files/drop4.zip
URL Status:	Offline
Host:	217.8.117.132
Date added:	2020-05-28 07:17:13 UTC
Last online:	2020-06-02 19:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2020-05-28 07:18:02 UTC to abuse{at}grandcosmetic2[dot]ru)
Takedown time:	5 days, 12 hours, 22 minutes (down since 2020-06-02 19:41:01 UTC)
Tags:	opendir zip

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT
2020-06-02	n/a	zip	b27305ebe415073b5203a89b8aa2066fc90763f3e3f0a88e1f723edb00ce3e58	12.12%
2020-05-29	n/a	zip	31c9d8b7973f90769d41b9c8c9b7ce69b87c890384b6fbf2f27499b28096f274	n/a
2020-05-29	n/a	zip	248a4ad9e47c657dafefe39869a00277494450102c7763751464ba67557e8601	n/a
2020-05-29	n/a	zip	cf35321a5dd1a22a36b32ec41651012f6713c42a5c3eed7e178a00fd402da128	n/a
2020-05-28	n/a	zip	86a43166160cfe331230557e6aae2c57df189470af108c021ac90d009e503dc7	n/a
2020-05-28	n/a	zip	513a6179da9541ae6d6b8142d6202cca46eb1498bacc133632eff1f67c444ae8	n/a
2020-05-28	n/a	zip	9d55cc6da29f5d60b3f00b2105676ad7ea5317e8ffbaf9c543ccebbbd753dcfb	24.24%