URLhaus Database

You are currently viewing the URLhaus database entry for http://2.58.149.41/plugmanzx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2229281
URL:	http://2.58.149.41/plugmanzx.exe
URL Status:	Offline
Host:	2.58.149.41
Date added:	2022-06-08 02:47:05 UTC
Last online:	2022-07-16 17:XX:XX UTC
Threat:	Malware download
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2022-06-08 02:48:06 UTC to abuse{at}serverion[dot]com)
Takedown time:	1 month, 8 days, 14 hours, 26 minutes (down since 2022-07-16 17:14:50 UTC)
Tags:	32 exe Formbook NanoCore

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-07-01	n/a	exe	c085bc0fdaa618fb6d1d8b6db3de60b533075613d47779c18cd7af6ef9f87101	52.31%	Formbook
2022-06-15	n/a	exe	f9eafc2e0d113c33ff2ef3c080001165cde3e53b379662b35643d4cfaab9e25c	n/a	Formbook
2022-06-15	n/a	exe	ff39e3b670a02fbdb1f24e9cf9f85a9eeb1f3a00e75f0dbac83a18b1fcdcd3f5	33.82%
2022-06-14	n/a	exe	e79387b4f694e147f4a6cf4b181b650c8b1da5f4ecc47799f3964e830ac11bb6	n/a
2022-06-14	n/a	exe	f55b3a4dc7510439401745fdb3330df93d61b35be96adc52db3ac3a23f3d93c1	n/a
2022-06-13	n/a	exe	96ad797d56d4f371624479d61fb8d760a745dd378d166b3ced7fa8146231f4e8	n/a
2022-06-13	n/a	exe	592b026b4d94568a2e9b9ee96b6628bc004ab94165b1b6c8b00e0693b5c99992	n/a
2022-06-13	n/a	exe	0b6c6f381fa19e3c3d2a4dbd80adcc7724f23c57e72e0add9a7aec9dfcbe327c	n/a	NanoCore
2022-06-12	n/a	exe	d466cf23cd8845ae7772574dea01b4acbb0c14e4f737b04a57df38da8b0ae321	n/a	Formbook
2022-06-11	n/a	exe	fc8d47ab825611a1fcd4f5e6d7d3f5f82873a220c702aeda8d2072bbd1d522ba	n/a
2022-06-10	n/a	exe	32adafbb2dde31b58c581fba4529b64fc63bf60edd5208ad674e52ccee17cf92	n/a
2022-06-09	n/a	exe	ea686eef3f3467e0305477cf1759632fd744556b362b6571ec70e961fe9cd4dc	n/a
2022-06-09	n/a	exe	67c422f6e70ab7f126b8b7eee480d4a0577015215359199b8e090aa855c0f199	n/a
2022-06-09	n/a	exe	faea34e7c75efd701ec53a1767b8719725c91430164d28ec7853543be56acf41	n/a	Formbook
2022-06-08	n/a	exe	e9a379a7a0bec2e05abc9e95b41473ea999b8faa57f4e4aab6ae27eb9a35659c	n/a
2022-06-08	n/a	exe	8425a88a6f37dd87c2aac358fe3a248490b56bf4f7728620805f53bc166ceebe	n/a
2022-06-08	n/a	exe	c890f6556786c0c3bd8f2620c01139ae4bcdf0bb12e9b4328ef9dd721f0bed03	n/a
2022-06-08	n/a	exe	9530780503c903e1d83738e19e754c3756e067612adddcea2f64c25749b6a838	33.33%	NanoCore