URLhaus Database

You are currently viewing the URLhaus database entry for http://62.60.226.159/2.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:3721649
URL: http://62.60.226.159/2.exe
URL Status:Offline
Host: 62.60.226.159
Date added:2025-11-30 18:46:09 UTC
Last online:2026-05-08 18:XX:XX UTC
Threat:Malware download Malware download
Reporter: c2hunter
Abuse complaint sent (?): Yes (2025-11-30 18:47:14 UTC to abuse{at}as214351[dot]com)
Takedown time:5 months, 9 days, 0 hours, 5 minutes Bad (down since 2026-05-08 18:52:49 UTC)
Tags:c2-monitor-auto dropped-by-amadey OffLoader RedLineStealer link RemusStealer Smoke Loader link Stealc SVCStealer

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2026-05-082.exeexe 60c814c50e67dc7f3955480940eefcca439218e841ab28dce2348e5791709ca0n/a Stealc
2026-05-042.exeexe e39f6d67c3d9688ce65744e096c67db8f3ac16d6fe343cb161189ffa0a2e659cn/a 
2026-04-302.exeexe c8ba0a3d838ca1b968f7c21976339a477f49c43413b7a83583592a03554b5a27n/a Smoke Loader
2026-04-222.exeexe 89c763bf31f1bd2e9e78007843b56fa2be59e49988f5fbcd64411688ea6efb3an/aStealc
2026-02-252.exeexe 599f8044ac833677564223f34b28fc9286c40683095485ba366ec465accdfa74n/aRedLineStealer
2026-01-052.exeexe 1f0f46dc270ea7e929b2ae662a8480f5766df7e17ff76816bba7a07865b2806dn/aOffLoader
2025-12-302.exeexe 0379d37d97ff3d890b0a643fede26fc7dbe43d40347b77344d0549ec6a4d2db0n/a Stealc
2025-12-242.exeexe 1586e6f714547d9ec024c9aeff1df7024d37a867d543de418b0af65c530c6738n/a
2025-12-132.exeexe cf990c07f431feebbb06b928ee77b2882f7753c47f315fbdcdfbb6467c40eca3n/aSVCStealer
2025-11-302.exeexe dbfd1a47a0108c7075c813c498abcf4857109e72207eeb86f435e535a4e2ed8fVirustotal results 50.00%SVCStealer