URLhaus Database

You are currently viewing the URLhaus database entry for http://5.252.155.72/load/kythy.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3853312
URL:	http://5.252.155.72/load/kythy.exe
URL Status:	Offline
Host:	5.252.155.72
Date added:	2026-05-26 05:05:19 UTC
Last online:	2026-06-24 00:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2026-05-26 05:06:11 UTC to abuse{at}altawk[dot]com)
Takedown time:	28 days, 18 hours, 59 minutes (down since 2026-06-24 00:05:13 UTC)
Tags:	ACRStealer exe GhostPulse HijackLoader opendir RemusStealer Vidar

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2026-06-23	kythy.exe	exe	cccaa74eb48cc6152f062bff6416def6922875ff7da6bbd2fac5f75b3332493b	n/a	HijackLoader
2026-06-22	kythy.exe	exe	6597d92261f9705a6f20a5097008abf825e5801016b92e06da87c9de0f7243ba	n/a	GhostPulse
2026-06-22	kythy.exe	exe	cc48f0f25b36a8f61164609fdfacbf4bbc8668a61cbcd03fc150a5e2f0d7b366	n/a	GhostPulse
2026-06-22	kythy.exe	exe	0e2c2e2caa3596f88b4c9453bb0bc6ee5c40997215bc6f4f8b47f0723b74d2a8	n/a	GhostPulse
2026-06-21	kythy.exe	exe	ecaedc68c09154f9e97673d84d1860d5755828182a42f6aab64ab3766ce47396	n/a	GhostPulse
2026-06-21	kythy.exe	exe	a28960c16549cc9f989ddb575a34a3217c4b8405c77c5aa39dd55e2e7d1e5b4b	n/a	GhostPulse
2026-06-21	kythy.exe	exe	ef0fc8334ee7e2e117a27cf410fc552365b30497a4fbea44751b9ea7174a9fdc	n/a	GhostPulse
2026-06-20	kythy.exe	exe	452a98403a11d4f0be84588e4ee59fecc594c297110c21215b8b31d398703f59	n/a	GhostPulse
2026-06-20	kythy.exe	exe	8ee84f25d4e19fcb130196ed6148fc21c9e1e5176c10980f89a8818ca7bd229e	n/a	GhostPulse
2026-06-19	kythy.exe	exe	01f593c7e7d9fb99def6ae9ea116f3c2730a0317b25ced1f187b5305dee1439d	n/a	GhostPulse
2026-06-19	kythy.exe	exe	468f2266ddc5c8d79ace2227a83a9873865a3ac1998cfdadee175e78e87e80a6	n/a	GhostPulse
2026-06-18	kythy.exe	exe	2db9a2541b7ed98897ce2b90652e7a310d38f447d552333851d9d38867126335	n/a	GhostPulse
2026-06-18	kythy.exe	exe	faafc408fb5b3f6907b1033f89bc6b8569d602c7e80532801e99af4dca1110f6	n/a	GhostPulse
2026-06-17	kythy.exe	exe	732f1656a9ff3b152e1455834a8fe55c90dda60377354b7c0df7884ec481a8ab	n/a	GhostPulse
2026-06-16	kythy.exe	exe	be4bb2ea6fc6959cdeb63238018761be56adb2d1e69e7c3d3340272187198b5d	n/a	GhostPulse
2026-06-16	kythy.exe	exe	afe67433e48fbe0f81180b719a4bcade8c7f21c074d5677c529ab464dca31e31	n/a	Vidar
2026-06-15	kythy.exe	exe	574cebd5ea2acb459274679dc5411d805e1a20c4c79c111450befd038819c4c7	n/a	GhostPulse
2026-06-15	kythy.exe	exe	9db9ecefce4493f3ca88778be4248a743354947520d0ff901dfbe2e1a4f863d9	n/a	RemusStealer
2026-06-15	kythy.exe	exe	96c2eed79de8b460a1d4108029beeba44346f65d60f28c0a4560440344a7c951	n/a	GhostPulse
2026-06-14	kythy.exe	exe	1bb2771002bf8240e34e8284048bfc1db8dd7cdade7a7afb4a2cfbe02b1a9749	n/a	GhostPulse
2026-06-13	kythy.exe	exe	070f20fe5060d8380699d2a6ccdc4a4016f0c6b6b5a2ab04d17415aa8e48de61	n/a	GhostPulse
2026-06-12	kythy.exe	exe	20d46cd2cfae6a7a1ecce17389979452674836bb61be9d6772ae3582d819b58b	n/a	GhostPulse
2026-06-11	kythy.exe	exe	832794e8d6206a265b6997f7a959fd058e20d1ad68499423fc4c169f4fd6c528	n/a	GhostPulse
2026-06-10	kythy.exe	exe	fbe13653d0e8a777eb63eb97d460a3e4e86fa0502aab815dfb57460f4908a64c	n/a	GhostPulse
2026-06-09	kythy.exe	exe	3c4a658ac06ea08c0370f045f8f811addf114af2c8dd071daf59316fca4be0c0	n/a	GhostPulse
2026-06-08	kythy.exe	exe	679644beaf7e51d975d38e42539a982690251d94bd907ca4d3cedf812840501d	n/a	GhostPulse
2026-06-08	kythy.exe	exe	8bdffa5b0bcb3a3ea9e868918dfe3ca39998bc6d361cba375a769f1c22259e10	n/a	GhostPulse
2026-06-07	kythy.exe	exe	93d2aefc3724e8edf381531e446600876e6f0ab0c2f78281af390302a9d77f61	n/a	GhostPulse
2026-06-07	kythy.exe	exe	f7996ad0b165d1bcf87a2b3aac76b232c421ab7009ae2ce79f7f623dc11191ef	n/a	GhostPulse
2026-06-06	kythy.exe	exe	01b9ce6e3b424b7f44ab26f437af51f4b9d3be660226adf7bd035aac2f20d887	n/a	GhostPulse
2026-06-06	kythy.exe	exe	79e3d1cac92b8a0ba14794defe6a29b7a01a01eac8bd162ffeb3d561bd3c35bf	n/a	GhostPulse
2026-06-05	kythy.exe	exe	739eba9ecc9a6eef0cfeb0314caeb0b5e9c6382d22c9e1b017aad70bee3c580e	n/a	GhostPulse
2026-06-05	kythy.exe	exe	fa270275a06dbcad2f2cb2a757a1b04e599b328d8156bcfa00f221bb83a9bb47	n/a	RemusStealer
2026-06-05	kythy.exe	exe	2db8ea7a8bc24fd7bd59be5be9f8c2398ae74dd41f7689ff0d9fd205a79cd24a	n/a	GhostPulse
2026-06-05	kythy.exe	exe	e98e93a130065eb94b206e3626a9594c66280c260afbb303240951666301fb1f	n/a	GhostPulse
2026-06-04	kythy.exe	exe	5227e2e3dabc9e8830c67e4b5a46bb6661e775b9c624818ce1d4d293cbcc06c3	n/a	GhostPulse
2026-06-04	kythy.exe	exe	f2077252daf1b3f1c096e35e3c49132490e063c3f5d8a4bedfdfb83105af2902	n/a	GhostPulse
2026-06-03	kythy.exe	exe	661eca6015f9a7189699cdd40a220e4f1aa6f0922fd3a5bbd5843be04d68cb78	n/a	GhostPulse
2026-06-03	kythy.exe	exe	78943c97e3016c8e2b1c3659700874673412509ef21d90e4bc9013a59a658489	n/a	GhostPulse
2026-06-02	kythy.exe	exe	6a8f7d5378791aecbbcbd8e543f36b639eb14c0ac32c27d7278f3e679c888951	n/a	GhostPulse
2026-06-02	kythy.exe	exe	07407c800473645f3b46757bae62c0181707ce4b096aad7cc24a7c6a0631ae38	n/a	GhostPulse
2026-06-01	kythy.exe	exe	5c5e737d12640b9ad887f56fce1bf395894ad6dd5171b4a1fdaf6a7d5a731a25	n/a	GhostPulse
2026-06-01	kythy.exe	exe	571d5dd37becb36e122e55cbd37e0bc537b664def64ae648cda014d8b264a0d6	n/a
2026-05-31	kythy.exe	exe	7ac3cbd4a0e8b1457d70b9a916ca18a00862508cdeb98a122bf3d7b5876c5974	n/a	GhostPulse
2026-05-31	kythy.exe	exe	c4c4b0b8fa4f48e6a30899a3820df6ed65f5a32f3caee01e75ae7e531111d7fa	n/a
2026-05-30	kythy.exe	exe	0b5b5c70f1cbbf7d47318f0a49505d07ef9b86e4c812e39f9ad47210f6ae80ae	n/a	RemusStealer
2026-05-29	kythy.exe	exe	ae3ee04fded710b733a8eba2eb8e0aafa1fdb60805c6b48aa4aa56311079b10a	n/a	ACRStealer
2026-05-28	kythy.exe	exe	b39688635bb5b2a90bb9101b372080b61d6ba78f2cd78ee275a983a84e2a047d	n/a	ACRStealer
2026-05-27	kythy.exe	exe	9bd33b0eb2f0407f0f86edfe9e53748c402692eeb4246019c0620e539d8546b6	n/a	ACRStealer
2026-05-27	kythy.exe	exe	94db5892d51fa7f24c6f406591d5cc143f48f3f9f576c66d36a8682e3950102b	n/a	GhostPulse
2026-05-26	kythy.exe	exe	828405d66881b770753d58349534c978672cda97591e8eb393beca734896539a	n/a	ACRStealer
2026-05-26	kythy.exe	exe	943cf1ebeb089abcd2e6ff0c2bfefa4631855948ab3ef3811cba1c635aa389d1	n/a	GhostPulse
2026-05-26	kythy.exe	exe	833bffd0ff2291001e0cb62f529cf947ba2753fa5888820848a2014eda2dc334	n/a	GhostPulse
2026-05-26	kythy.exe	exe	d28c7e1fb7db6117c741cac2a5819385de3d1ee51fadc475c15536f5549b4cb2	n/a	GhostPulse