URLhaus Database

You are currently viewing the URLhaus database entry for http://77.73.67.225/lvhfwx/POm2.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry




ID:155412
URL: http://77.73.67.225/lvhfwx/POm2.exe
URL Status:Offline
Host: 77.73.67.225
Date added:2019-03-09 23:45:10 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Reporter:@zbetcheckin
Abuse complaint sent (?): Yes (2019-03-09 23:46:01 UTC to abuse{at}veesp[dot]com)
Takedown time:2 days, 13 hours, 51 minutes Poor (down since 2019-03-12 13:37:49 UTC)
Tags:exe Formbook link

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2019-03-11n/aexe 9b8f53fa736810855c1e8616c2c6541c0f544e6e074c371dc1b408a00092bca8n/aFormbook
2019-03-11n/aexe 46382d2c58993cd3feb60dfd65f39ca82eb83d13d0494cf4592198b04aded4dan/aFormbook
2019-03-10n/aexe a3b7e4cd67db66d1bbcde6a3ec6e7b026e86c8b449e33efbce5ec9d27216d3f4n/a
2019-03-09n/aexe a4ed9d0955ac26b3133bf4762ff7e5379edaad6c6b269498b988c3e1cce693dcVirustotal results 24.62%Formbook