URLhaus Database

You are currently viewing the URLhaus database entry for http://198.46.199.171/new/new.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1588345
URL:	http://198.46.199.171/new/new.exe
URL Status:	Offline
Host:	198.46.199.171
Date added:	2021-09-03 07:58:05 UTC
Last online:	2021-09-21 05:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2021-09-03 07:59:02 UTC to abuse{at}colocrossing[dot]com)
Takedown time:	17 days, 21 hours, 57 minutes (down since 2021-09-21 05:56:12 UTC)
Tags:	AgentTesla exe Formbook opendir RedLineStealer

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-09-16	n/a	exe	939e8448b44089c4b2a3a6baba9a6bb6a2363e9e01463369ba41cab0082dc3d2	n/a	AgentTesla
2021-09-14	n/a	exe	763b0f42585f948ef01775277a4fc152bcccc1f560cfd7d850e8dce25ba37ccb	n/a	AgentTesla
2021-09-10	n/a	exe	30d19151144595548be93a69eaea1545a17c5fdc10fac24a8a33b90a94961cd0	n/a	AgentTesla
2021-09-09	n/a	exe	fd5f21eb43514ea369b950218aa051ce47242f445bbe352dfa30e2c7a2d83041	34.78%	AgentTesla
2021-09-09	n/a	exe	9823226b876dfebe21c476a59f4938cb67292e761dc7c6029576fb9396e93842	n/a	AgentTesla
2021-09-09	n/a	exe	63966d1b4bc17072e8b301e7128fc033d25139f24d19f7533291bb3dbafef681	56.25%	AgentTesla
2021-09-07	n/a	exe	f2f27ff68581132e12375a80d81d19a9bd60652bb0f9d0834916441ca52ae921	n/a
2021-09-07	n/a	exe	f235f5460a16f4b3f9458ac7e65ac7758018184c10ac365ab69016de098a1846	36.76%	AgentTesla
2021-09-06	n/a	exe	12b4d5b703c8e2261c3fd995514959fa6cefb4cc2ed8ea409ddfc8353f2de741	n/a	AgentTesla
2021-09-06	n/a	exe	44314f582748496d3383922a5fb3bb0fcf1d373696b026e4e12623f919e8d49e	25.00%	AgentTesla
2021-09-06	n/a	exe	534ac228e075bd7975dd05a0b672b0f70886fcdb800ee6c03e834d2999e78729	n/a	RedLineStealer
2021-09-06	n/a	exe	15529247d828b711183e271ab9092b3a42395abd0ff4432421c8d65371689353	n/a	AgentTesla
2021-09-06	n/a	exe	515aeac4841b51f4ef59ace6b939e49eb902b00c4bd2f7a0c433ac260448b93f	n/a	AgentTesla
2021-09-06	n/a	exe	8085213a555a814fef5abfbdea92f1e695780a6292807016dc1814f040ea8325	20.90%	AgentTesla
2021-09-06	n/a	exe	a3526fbde858c171cecad37674c1cc0a90f997cce6d2563d41dd0846607cdd85	n/a	AgentTesla
2021-09-03	n/a	exe	d53fe06c8384e535b2dcf3c96a7fd724ecf48ee3f3b9060750ff309ddea39758	n/a	Formbook
2021-09-03	n/a	exe	0dbc727b9b089ce71ec32623629e0b3ceae94285d1588ac4580c9d987b1c4e09	25.37%	Formbook
2021-09-03	n/a	exe	da7eff90633f82c14d128a573e55c95694fa567bd983438f6e4080db739ab55d	28.36%	Formbook