URLhaus Database

You are currently viewing the URLhaus database entry for http://198.23.207.11/5600/vbc.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2122000
URL:	http://198.23.207.11/5600/vbc.exe
URL Status:	Offline
Host:	198.23.207.11
Date added:	2022-03-30 11:13:05 UTC
Last online:	2022-06-09 10:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2022-03-30 11:14:06 UTC to abuse{at}colocrossing[dot]com)
Takedown time:	2 months, 10 days, 22 hours, 58 minutes (down since 2022-06-09 10:12:45 UTC)
Tags:	AgentTesla exe NanoCore opendir

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-06-08	n/a	exe	24854921e061d1f5f0acd045006f652fef99f82e22201250ace108415ff2c12a	n/a
2022-06-08	n/a	exe	62ff837e6b8b93d5e43e97a070fd7fc9b4a42f3d1e80b1e0ed1cb442b9044ecb	n/a
2022-06-07	n/a	exe	d65a1d6b5c26245245f106004b7b360d2a63e1d2da1f065b56d3846a93c0ba8e	n/a	NanoCore
2022-04-05	n/a	exe	a37117c0bc0130e1a1b613744f5e58eb66c4426cf5687cc88c0ed2e81336a835	n/a	AgentTesla
2022-04-05	n/a	exe	be538f7f78d7854c191445e7ffc50e934b4562d9ce3dead16bd0ed150806c8fc	n/a	AgentTesla
2022-03-30	n/a	exe	c4892c08f2dc00c82b9699c2ba77083926672eee12ed1d4dc22de4512407f8fa	32.86%	AgentTesla