URLhaus Database

You are currently viewing the URLhaus database entry for http://208.67.105.179/nzezx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2259316
URL:	http://208.67.105.179/nzezx.exe
URL Status:	Offline
Host:	208.67.105.179
Date added:	2022-07-20 13:50:05 UTC
Last online:	2023-01-19 17:XX:XX UTC
Threat:	Malware download
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2022-07-20 13:51:05 UTC to info{at}serverion[dot]com)
Takedown time:	6 months, 3 days, 3 hours, 15 minutes (down since 2023-01-19 17:06:56 UTC)
Tags:	32 exe Loki NanoCore

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-09-06	n/a	exe	968af11867e0ca9cb7ca9898b77d6a78a05feb457224f92634df0b3ecf4e0be2	n/a	Loki
2022-09-05	n/a	exe	0725ef86714cd23fc66a5e8a6e2283f0035c7304354476a951e28c0de63aeab6	n/a	Loki
2022-09-01	n/a	exe	a0af04aeb4d0bd20a2ac8089b0f88b1935d8334400d7190b2751be7d53e16716	27.14%	Loki
2022-09-01	n/a	exe	8dd48efe8e0436ade87dc00c9e525fce417024ac04e9ac060ecb384ec67f0951	32.86%	Loki
2022-08-31	n/a	exe	3ac36b3612907df3fd1724900c917c215ef9bf6c5530c81d3b40a1faf7447b90	n/a	NanoCore
2022-08-30	n/a	exe	1d2147500bdb626e9f78761c9d25a8d597f3d966e5437efb461f03b3ec8be217	n/a	NanoCore
2022-08-30	n/a	exe	52cd482b7219eb54f7e9e4672d58d8bd85fbbb3468d2da6fac5b719b3a934f65	20.00%	NanoCore
2022-08-29	n/a	exe	b95f5f68948d08e06292fbda648e99b3d7d237e19cb4da03fc729fddd681d195	n/a	NanoCore
2022-08-29	n/a	exe	747e7a2c12b9ecff95e0828ab061ac6d75a722005bbce2555b6c5353eaf9e23f	19.72%	NanoCore
2022-08-25	n/a	exe	3a8064e4524a52d53e9b2111c5368c82182dc885043b43373f56f7532b268e29	n/a	NanoCore
2022-08-24	n/a	exe	ed627832d80a82faf49c5a61bf7fef509f4860889ece7d18388ecbe2110f7dc6	n/a	NanoCore
2022-08-24	n/a	exe	a34669a4f919bfb5c570b7d5ad5eea4f5fdb276268afbdb6b540907f1ddefa83	n/a	NanoCore
2022-08-23	n/a	exe	701768dfd24a5df7d5ad448c9bcd933fbef87fca11c91c457cfa44d95e2fb6d1	n/a	NanoCore
2022-08-23	n/a	exe	f744326dd8c1d2d254759fed22d0f8d1ce7df89ec0c699a896450773f110355a	n/a	NanoCore
2022-08-19	n/a	exe	0ce9fcd692bc34e751910d4698453b577677fa2883f978af28e6753a963e30da	n/a	NanoCore
2022-08-19	n/a	exe	c27008bd825faf145c4d214450c1044c3927d01a2d7da850da862c51018d0ccd	n/a	NanoCore
2022-08-17	n/a	exe	25dc2daecc1f213eb7e68141aca9e9917e2ba93fc30bafd050f84d7e1f0bd3d2	n/a	NanoCore
2022-08-16	n/a	exe	b975300b29a918ba9b96365e073aecfd980ee79e3b83095373b88867ad7b29f9	n/a	Loki
2022-08-16	n/a	exe	98e7f088ba419732a641ff92685cda6f57ce183883be240d30a51d2e9eed0084	n/a
2022-08-15	n/a	exe	99f63fbd83aeadba7be7424ed0deec82ef18ae2d5c8d543d4ccb2de113f4cffb	n/a	Loki
2022-08-15	n/a	exe	52f0382ddec3efb2c092b4199fb537eebd8cbd1ed1fa0ed321fea2a723dffc13	n/a	Loki
2022-08-15	n/a	exe	8b345c4fef0497cdad8342ec52e8687fc0b572021de79bde4c8dd72bbaf4bbb2	n/a	Loki
2022-08-14	n/a	exe	ee98cbdd948d8fb8b7ab1803d2739e438b2fd193a37925db8c2e208b92713c78	n/a	Loki
2022-08-12	n/a	exe	4ce80bb4169f81656f9f5a2833aad35378d7e26fe9fcce2da3e5628a8d4693e0	n/a	Loki
2022-08-12	n/a	exe	4cc1d7c1de7318ad6e31b2d8653933c450e6ce76c4d750df7d3ff6238d70c404	n/a	Loki
2022-07-20	n/a	exe	0113fa893a036c81b7331934cef9314bf925a28daf77365316ad4aaaa7ef9b7a	61.29%