URLhaus Database

You are currently viewing the URLhaus database entry for http://85.202.169.21/samizx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2248468
URL:	http://85.202.169.21/samizx.exe
URL Status:	Offline
Host:	85.202.169.21
Date added:	2022-06-23 13:51:04 UTC
Last online:	2022-07-16 17:XX:XX UTC
Threat:	Malware download
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2022-06-23 13:52:05 UTC to abuse{at}serverion[dot]com)
Takedown time:	23 days, 3 hours, 22 minutes (down since 2022-07-16 17:14:37 UTC)
Tags:	32 exe Formbook

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-06-28	n/a	exe	2b185f27d6cc8644eac018ea1cb8f6d77aac1214d7b8afca0150521b2ad7be72	n/a	Formbook
2022-06-27	n/a	exe	8749846c4927b78aed3147afa2d8de9934b8c927400d724ff9a7f25a923a9bbc	n/a	Formbook
2022-06-27	n/a	exe	be59d75729a30d4957bc83c2ce0f7286a1fbaf5945e56008f2d4f17fb1d25add	n/a	Formbook
2022-06-25	n/a	exe	1174f0c7281537c7b9778be04560ba7cd94efca1cb86c7bca56ed785f2d2689f	n/a
2022-06-25	n/a	exe	a99c9db346939465930c2f4749ade768c1558991a7f88f9d07fe9d3e28cf8c1a	n/a
2022-06-23	n/a	exe	a9849a0f7bf5b5e1f9b967737c44ddff914aaa05b8c910e414ac759ca2b959a1	n/a	Formbook
2022-06-23	n/a	exe	23dc4073b05d98b142affc92756b889207dc77974bae93950779f58dabadddbc	25.76%