URLhaus Database

You are currently viewing the URLhaus database entry for http://208.67.105.179/bobbyzx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2264749
URL:	http://208.67.105.179/bobbyzx.exe
URL Status:	Offline
Host:	208.67.105.179
Date added:	2022-08-04 14:53:03 UTC
Last online:	2023-05-17 11:XX:XX UTC
Threat:	Malware download
Reporter:	AndreGironda
Abuse complaint sent (?):	Yes (2022-08-04 14:54:06 UTC to abuse{at}serverion[dot]com)
Takedown time:	9 months, 15 days, 21 hours, 5 minutes (down since 2023-05-17 11:59:19 UTC)
Tags:	AgentTesla exe Formbook Loki RemcosRAT

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-01	n/a	exe	9846f06c53ac1c4b98ab94ae1db5d2b1e7e160d1c8bb9622aaa6fd471efdf4f7	n/a	Loki
2023-04-25	n/a	exe	12dc3dedf943f18e565b3c37f2d2eac8382fccdbd492bb710266b230bca288ae	n/a	Loki
2023-04-25	n/a	exe	b72c3f63e398549c2072002525e09f483c6c117a511d32774f66387d0552cc92	n/a	Loki
2023-04-24	n/a	exe	99785489b3e1cee3004a5f4fd2421ddfa773bfd1d023cbbd2f307f2846bbb318	n/a	Loki
2023-04-20	n/a	exe	a3a76a33a4641ac3a8b6ebbc137ecf08c69be86d7a1d810754be57dd1f5baac9	n/a	Loki
2023-04-17	n/a	exe	d8d96fb0f87869e18b2f527be9a50e08768896ae6df8df2311a71bac4281a1e2	n/a	Formbook
2023-04-11	n/a	exe	4669e3e29315d6c6a58e7911bb6776ce27ee9619261829b4f6c7d7c2d1c991aa	n/a	Loki
2023-04-10	n/a	exe	222e95bb9306c62ed33d1385515aace6a020f71aecff8a3182b80a65d4861e92	n/a	Loki
2023-04-07	n/a	exe	fc24072129c4b44e66d2397c15f4f52bc0a0907b944c89f64f2e0cac1bbcfae5	n/a	Loki
2023-04-06	n/a	exe	48e4129cdeddc10029a319310de7e4bd14804a38495dc424f8e5e09def0e8f47	n/a	Loki
2022-08-29	n/a	exe	edd76f4398cd937c508d229a8482add54c2ec8efe84a6881af90bbd40d8b8601	27.14%	RemcosRAT
2022-08-22	n/a	exe	ba180ae6674d9daa2cbd08847130b5c39e82249838b3d7da09b3b2f67be526dc	n/a	Loki
2022-08-10	n/a	exe	41be1d666d2713c92100a830746c55b06ceffedcd0983895bcdfcee8827506b1	n/a	Loki
2022-08-04	n/a	exe	e5097db57c0475b96c038290399f48135c5273c569aa476eb7d8b98c4b92c8f5	n/a	AgentTesla