URLhaus Database

You are currently viewing the URLhaus database entry for http://208.67.105.179/bluezx.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2260833
URL: http://208.67.105.179/bluezx.exe
URL Status: Offline
Host: 208.67.105.179
Date added: 2022-07-25 06:02:04 UTC
Last online: 2023-03-08 22:XX:XX UTC
Threat: Malware download
Reporter: zbetcheckin
Abuse complaint sent: Yes (2022-07-25 06:03:06 UTC to info{at}serverion[dot]com)
Takedown time: 7 months, 16 days, 16 hours, 19 minutes (rated Bad; down since 2023-03-08 22:22:29 UTC)
Tags: 32, AgentTesla, exe, Formbook, SnakeKeylogger

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
