URLhaus Database

You are currently viewing the URLhaus database entry for http://62.60.226.159/zx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:3722484
URL: http://62.60.226.159/zx.exe
URL Status:Offline
Host: 62.60.226.159
Date added:2025-12-01 20:40:09 UTC
Last online:2026-04-29 06:XX:XX UTC
Threat:Malware download Malware download
Reporter: c2hunter
Abuse complaint sent (?): Yes (2025-12-01 20:41:14 UTC to abuse{at}as214351[dot]com)
Takedown time:4 months, 28 days, 9 hours, 56 minutes Bad (down since 2026-04-29 06:37:34 UTC)
Tags:c2-monitor-auto dropped-by-amadey SVCStealer

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2026-04-23zx.exeexe 2bdddcbb44629150a9333f366971dc439d6d67e925714907346d4c285fd79774n/a 
2026-04-13zx.exeexe 9372b977f945b3024129c560096bf216c573dd673cd3564ada3f814a903146a1n/aSVCStealer
2026-04-03zx.exeexe 282eaff6ff1f1f1677ab4d9c1c140bc0f437f09f75a729bdf3b45dcdef441e1bn/a SVCStealer
2026-03-25zx.exeexe 59458b65958287b05cea0e794a20ea291f76ed09c8f6a98e4d60cede9698c4fcn/aSVCStealer
2026-01-09zx.exeexe 99f6808d5523f4e31dcf70c458993d848161c06cb9b93411e6b3e5b101ac25a4n/aSVCStealer
2025-12-25zx.exeexe 21665d2e3eba75d5046b86ed6196b84272d7a8020ecf4fcd8f4e85fb1a76344an/aSVCStealer
2025-12-18zx.exeexe ce6a7ad275edba73cbec340685724c96ae411dc0191573bbc578932d80539ad4n/a 
2025-12-01zx.exeexe d08578232f63c06fa9a0cef8c78d32e345be95ea005809d8beb390810467947bVirustotal results 37.50%SVCStealer