URLhaus Database

You are currently viewing the URLhaus database entry for http://178.16.54.109/6.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3809347
URL: http://178.16.54.109/6.exe
URL Status:Offline
Host: 178.16.54.109
Date added:2026-03-31 20:23:07 UTC
Last online:2026-05-21 07:XX:XX UTC
Threat:Malware download Malware download
Reporter: Bitsight
Abuse complaint sent (?): Yes (2026-03-31 20:24:12 UTC to abuse{at}omegatech[dot]sc)
Takedown time:1 month, 20 days, 11 hours, 8 minutes Bad (down since 2026-05-21 07:33:08 UTC)
Tags:dropped-by-Phorpiex phorpiex link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2026-05-206.exeexe b8b9468c8a13441927e3e0678087d926760b3970f667ef1c944d9d9abd2ccd1an/aPhorpiex
2026-05-166.exeexe 94604c80e6d909d9244135ccd005c8b04fdccd516cdbf412bad988624e1e5a56n/aPhorpiex
2026-05-126.exeexe 6b142f44c207e4a3b63a4f8cd8ab7be6b0df2940dca49c20be97c2b47bd0f73bn/aPhorpiex
2026-05-096.exeexe 2a15f459e9e0e9d40fae724cf3a85c4a23745193f7df0665f03dd1cd31b358dbn/aPhorpiex
2026-05-076.exeexe 69c1077c17e91680304fcc397ded72824bc24161bffd8efca86c29ba9221d198n/aPhorpiex
2026-04-236.exeexe 7db487099c98bf397a86cc8fa6b48e20167cedaaf78a72e1ca5ada914bc1d7e6n/aPhorpiex
2026-04-226.exeexe e20627e035d0d1c7e9d4547a2a687866b7d62102a2b96aef935d3f0dec8e4adbn/aPhorpiex
2026-04-066.exeexe 0e934989907f2598cd5745ad5a1530dd63161263d2b1f9e142df4d5e635dd349n/aPhorpiex
2026-03-316.exeexe 825c433a93885727599aa9ce2d1b92074bfb4b12cdb390588cfccce36079c581n/aPhorpiex