URLhaus Database

You are currently viewing the URLhaus database entry for http://59.7.217.245:7070/app2, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 3728911
URL: http://59.7.217.245:7070/app2
URL Status: Online (spreading malware for 1 month, 16 days, 7 hours, 47 minutes)
Host: 59.7.217.245
Date added: 2025-12-07 20:02:13 UTC
Threat: Malware download
Reporter: botnetkiller
Abuse complaint sent: Yes (2025-12-07 20:03:17 UTC to irt{at}nic[dot]or[dot]kr)
Tags: elf geofenced ua-wget USA x86

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
