URLhaus Database

You are currently viewing the URLhaus database entry for http://158.94.208.7/files/unique2/random.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3794624
URL: http://158.94.208.7/files/unique2/random.exe
URL Status:flame Online (spreading malware for 2 days, 16 hours, 20 minutes)
Host: 158.94.208.7
Date added:2026-03-12 15:10:10 UTC
Threat:Malware download Malware download
Reporter: Bitsight
Abuse complaint sent (?): Yes (2026-03-12 15:11:11 UTC to abuse{at}omegatech[dot]sc)
Tags:dropped-by-amadey fbf543 gcleaner link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2026-03-15random.exeexe 5062986d9abfa9da976ea489883c6f8d2579b1e00929551e777f79f291c7096an/a GCleaner
2026-03-15random.exeexe 41c1d326fd7a0adc65147581edb7c28c23f66d85ef4e56999bf00dd7ae02cbd4n/a GCleaner
2026-03-14random.exeexe 7cebd9a8e20ef43abc26afc679b4e98f5a2a882b28759d0f19a198eb80016b07n/a GCleaner
2026-03-14random.exeexe e952786ca01f773fde766e82a78b036119a398300604ed272c739252cacb1eb9n/a GCleaner
2026-03-14random.exeexe 56bd9d4c93e25ba3d9d4b2c04f61a1e1989f29e6305bad8f5ab002d605e04308n/a GCleaner
2026-03-14random.exeexe c9c78797dfa219e50cdf37fd6a719aa3ba39691e2919afc6d727a0e4a131256cn/a GCleaner
2026-03-14random.exeexe 507781d350993228ae39de309976002b397a31d10720aec63d0208882bf31bafn/a GCleaner
2026-03-14random.exeexe e7433772f8a66aed169d210b701bef8aa952abb9f202d186184eecfd074a44a2n/a GCleaner
2026-03-13random.exeexe a527b2a8ae65398cd1ce8710746d551baec01342da5fef0a5668e8d296f9662fn/a GCleaner
2026-03-13random.exeexe 6d2388fdd31eb30109adf5194a7ebf74516c9e886e15284ebd158928f5cac1dfn/a GCleaner
2026-03-13random.exeexe 0ad81a0b1f011b01bcea50844458c186046d1f413dc81642ac45841f8fdd4f77n/a GCleaner
2026-03-13random.exeexe d23fbeb21755a33eb9595c4aa993d2c86c30bd38032334b5911a062d06f344cen/a GCleaner
2026-03-13random.exeexe 7a83f8058564fcb6050447c01124a16cf7fd96a78e18c9b8cdc5f0e574360af1n/a GCleaner
2026-03-12random.exeexe e853927ceeb46369117a7e205786656273f1ff83bbbda7fda0470ad09a895db1n/a GCleaner
2026-03-12random.exeexe 098dcc09b9e2889f43e4bba7e93accd098e50f3ae1d543956076c6cea109ae9dn/aGCleaner