URLhaus Database

You are currently viewing the URLhaus database entry for http://2.58.149.41/ashleyzx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2109443
URL:	http://2.58.149.41/ashleyzx.exe
URL Status:	Offline
Host:	2.58.149.41
Date added:	2022-03-21 15:36:04 UTC
Last online:	2022-05-03 04:XX:XX UTC
Threat:	Malware download
Reporter:	DFNCERT
Abuse complaint sent (?):	Yes (2022-03-21 15:37:06 UTC to abuse{at}serverion[dot]com)
Takedown time:	1 month, 12 days, 12 hours, 24 minutes (down since 2022-05-03 04:01:54 UTC)
Tags:	AsyncRAT Formbook

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-04-07	n/a	exe	a5e95ee8d1974c95a7346aaef53105fa6fd3eb6aea2e85e1e00e4d8f4052f26d	24.64%	Formbook
2022-04-05	n/a	exe	bfa59865d3bcb7fced5c8ebdf1d690c0a4cb40edba4d22af0d5c4030e7f74777	n/a	Formbook
2022-04-04	n/a	exe	fd47fb1d9ae6d4fa2d64afcc600498076f0f8803cb134782723c4a8bd0ae81b4	n/a	Formbook
2022-04-04	n/a	exe	f301682053d5e2fd2982d90d37508983ac1bf5e630e66e553573709ce7e37817	n/a	Formbook
2022-03-21	n/a	exe	01d83cfe30b45953671a25d375bea90b5472fd36b082d7d327485e9a777a166c	27.54%	AsyncRAT