URLhaus Database

You are currently viewing the URLhaus database entry for https://github.com/gcoyerk/Winslop/releases/download/v1.04/Winslop.1.04.zip which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:3872070
URL: https://github.com/gcoyerk/Winslop/releases/download/v1.04/Winslop.1.04.zip
URL Status:flame Online (spreading malware for 24 days, 13 hours, 28 minutes)
Host: github.com
Date added:2026-06-22 14:19:14 UTC
Threat:Malware download Malware download
URLhaus blocklist:Blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: randomx929
Abuse complaint sent (?): Yes (2026-06-27 14:23:27 UTC to noc{at}github[dot]com)
Tags:stealer Vidar link zip

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2026-07-11Winslop.1.04.zipzip 06d2d5d7340f8d816026de635647ff1e8a37be45223bc2044efa6eb8db9508c9n/a 
2026-07-07Winslop.1.04.zipzip e347daa8ac5acf7eced2b227979799e000fe5a5e913f675fd9e173b74d2c4ea5n/a 
2026-07-03Winslop.1.04.zipzip c1389515e42a5e2753f26f48c37d1822046af00889144b12e52d56cd6d20b4f7n/a 
2026-06-30Winslop.1.04.zipzip c09da8909adfad7293a8eab09bcb0b8daf3173baef4a0484b4d04a392350c0bcn/a 
2026-06-24Winslop.1.04.zipzip 606c24151f1c3859ca7a8ef13112ccf83db2d4515edbfbf48f1d2428673a3f00n/a 
2026-06-22Winslop.1.04.zipzip b86b6fe85428c7a33bbd2cf24dcd4c0e95dabfbb627297fdf6c8a92b6a8296f8n/a 
2026-06-22Winslop.1.04.zipzip 73015c033f30682a2ad3bcba6ad035fa94bc0b50a1801e001bf98599b81f8fe4n/a