URLhaus Database

You are currently viewing the URLhaus database entry for http://192.3.152.157/322/vbc.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2055537
URL:	http://192.3.152.157/322/vbc.exe
URL Status:	Offline
Host:	192.3.152.157
Date added:	2022-02-23 12:54:06 UTC
Last online:	2022-03-14 05:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2022-02-23 12:55:11 UTC to abuse{at}colocrossing[dot]com)
Takedown time:	18 days, 16 hours, 33 minutes (down since 2022-03-14 05:28:32 UTC)
Tags:	exe Formbook opendir

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-03-02	n/a	exe	b3b8ceafdfc6bde8a73c68005414b709ca2b08f5eecfd9a49d769460d6c17c98	n/a	Formbook
2022-02-28	n/a	exe	a27575ce4613827f31057286ea6adfaf695c6f0b0fa30d39bc145832c43c3cb8	n/a	Formbook
2022-02-28	n/a	exe	3fbc9c55133b3d51ba2221836cffc08e727826e9514233706781f897ca0988f3	10.00%	Formbook
2022-02-25	n/a	exe	221bb1100035ee4af7fa99306e4f56eb573f2db2738c7a861ded7a2d1f924ef8	n/a	Formbook
2022-02-24	n/a	exe	03c24fbe7c863e8337b0c944f96847b5166297283727edccca056c4f6f688d4e	40.00%	Formbook
2022-02-23	n/a	exe	9e3aeccf79c4c92f97410817a161701c59affa07403748695e61fef0d1d082e7	n/a	Formbook