URLhaus Database

You are currently viewing the URLhaus database entry for https://gl1g7tts-5500.euw.devtunnels.ms/free.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3760442
URL: https://gl1g7tts-5500.euw.devtunnels.ms/free.exe
URL Status:Offline
Host: gl1g7tts-5500.euw.devtunnels.ms
Date added:2026-01-19 22:30:08 UTC
Last online:2026-02-14 18:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Not blocked
OpenBLD :Blocked
DNS4EU :Not blocked
Reporter: burger
Abuse complaint sent (?): Yes (2026-01-19 22:31:11 UTC to abuse{at}microsoft[dot]com)
Takedown time:25 days, 20 hours, 25 minutes Bad (down since 2026-02-14 18:56:18 UTC)
Tags:AsyncRAT link exe

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2026-02-04free.exeexe c3c465c8670333252fe74404324a72ddf5f151b13c1fcb219beb4e88da4926b2n/aAsyncRAT
2026-01-28free.exeexe 001f34b936c564112c11c9b9c1a6afdf9498c568b18617ad089c952d737ec17dn/a 
2026-01-25free.exeexe 1a874ec12e16f86e18fc4f8998e616c893c2b7c24baafcdaad842c18c37c02fcn/a 
2026-01-24free.exeexe 65f8f999235575cb672c29d5d580e88305554c1b3131a2f7a86000bee4bd966bn/a AsyncRAT
2026-01-24free.exeexe aeb614c326b389d42d50522326f16db35e0ff4127cdc26ae07ce8938889e684bn/a 
2026-01-19free.exeexe baf0dd685129daf06a284b364f4093ef401a00e6436bf27a831221e97d2edff7n/a