Avast detects this as Avast (Win32:DropperX-gen [Drp]), RedLine Stealer running in Task Manager as “AddInProcess.exe”.
Detected here: hxtp://37.0.11.8/USA/Ghazals.exe Online 32 exe RedLineStealer
See: https://urlhaus.abuse.ch/url/1478827/ (address is cache banned when one is behind a proxy - varnish cache).
Dutch IP Address active. Win 32 exe application/x-msdos-program malware.
3 security vendors detect: https://www.virustotal.com/gui/url/b751f19cd96353ce6da97507fefea0870e30ccd64eee12fc4161199cef3010fc/detection
Blacklisted: https://sitecheck.sucuri.net/results/37.0.11.8/tinyfilemanager.php
See: https://sitereport.netcraft.com/?url=http%3A%2F%2F37.0.11.8%2Ftinyfilemanager.php+++
H3K file manager - not a secure connection, see: https://sitereport.netcraft.com/netblock?q=SERVER-37-0-8-0%2C37.0.8.0%2C37.0.11.255 & https://sitereport.netcraft.com/?url=http://37.0.11.8#history_table (server)
polonus