URLhaus Database

You are currently viewing the URLhaus database entry for http://208.67.105.179/mpomzx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2283634
URL: http://208.67.105.179/mpomzx.exe
URL Status:Offline
Host: 208.67.105.179
Date added:2022-08-29 14:19:04 UTC
Last online:2023-05-17 12:XX:XX UTC
Threat:Malware download Malware download
Reporter: abuse_ch
Abuse complaint sent (?): Yes (2022-08-29 14:20:07 UTC to abuse{at}serverion[dot]com)
Takedown time:8 months, 20 days, 22 hours, 9 minutes Bad (down since 2023-05-17 12:29:59 UTC)
Tags:AgentTesla link exe GuLoader link SnakeKeylogger link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-04-14n/aexe b899d3d4e860cf43d9274fea91edde020f22f378dc3cf48a464f39b0315d430fn/a
2023-04-12n/aexe d8e49e503a8556a54310f2019db3151ef7287e2271aaaf788dc39372dc705f13n/aAgentTesla
2023-04-11n/aexe f7c258efa0898ba87a2828799a80359633961a62e639f08ef3498167fb2dd80dn/aAgentTesla
2023-02-02n/aexe 856f6cee8ed252e786bf4565ff647117e671e1f1f8d0f5a33887f0286843eac9n/aSnakeKeylogger
2023-02-01n/aexe 716527bcedf4027e1184a023eace3035400531c8e9fef134b4435f0afdbdbba5n/aSnakeKeylogger
2023-02-01n/aexe 242e3afa42a4b6ecbe015e0d0a2786c42a24167e05a12f380f6e63af24d8c4e2n/aGuLoader
2023-01-26n/aexe f635e3920cddccde1c4981c0a4a79332c108c1249ad34421dc54d9c30a94d1a7n/aSnakeKeylogger
2023-01-25n/aexe 97a21cdbe71ff0d84c423b4bc9a373a1de90c94ec7af9adc97a6d3812fdf2dfdn/aSnakeKeylogger
2023-01-25n/aexe 9cef746651b3dc0dc351663360dc8b614e4bd4d82b44ed13a212e988d2f3c072n/aSnakeKeylogger
2022-12-20n/aexe 3b5de5724ee7ab07f0ff37ef5e719afe8e98527cf8cc29dbb4b9fe4c198014bfVirustotal results 30.99%AgentTesla
2022-12-20n/aexe 68f762b089f51aa3bb622bbc8f41e2d924bc9ef61c3cb7188b7b7f80046062ban/aAgentTesla
2022-12-20n/aexe bce62870c720de779d53c71d42da201c71c6bada53738094ad28843c6f37330bn/aAgentTesla
2022-12-15n/aexe 61ca26ce5928275220d60743b5f27fb43d183344064381c7e6a2cdc5be31de78n/aAgentTesla
2022-11-18n/aexe e36cc1a63904dd9cc83f590451a1dfaccdd87757a5d0b07448a87e2824bee7e6n/aSnakeKeylogger
2022-11-17n/aexe 62aa2952bc9fdff73484b242111347f7d20c176e19338ef06f6c0bcbe4b1d600Virustotal results 26.76% SnakeKeylogger
2022-11-14n/aexe cc83749270a1efd6c7ebeb1e3c077a426ec98f3b25e14e268dc18b17409abba9Virustotal results 32.39%SnakeKeylogger
2022-10-31n/aexe f214e84580e14847309413ddbb5131945c8e2edd761a107019c8c9c94cec5a16n/aSnakeKeylogger
2022-09-26n/aexe 1a907c6272465a321f62dc0e27b3ccb54da6243585814d04a73463788e1c12f3n/aSnakeKeylogger
2022-09-26n/aexe 9695ac0915eb637f2b284b0a0c602aca804f176b0e4ca97608a174bdbf9d7b3fn/aSnakeKeylogger
2022-08-29n/aexe d53ea63b43d405769ac784eee1de0c7397b359034a831a9775953bb8802f4c78Virustotal results 43.66%AgentTesla