URLhaus Database

You are currently viewing the URLhaus database entry for http://208.67.105.179/seckellyzx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2296981
URL: http://208.67.105.179/seckellyzx.exe
URL Status:Offline
Host: 208.67.105.179
Date added:2022-09-08 15:38:04 UTC
Last online:2023-03-08 21:XX:XX UTC
Threat:Malware download Malware download
Reporter: ps66uk
Abuse complaint sent (?): Yes (2022-09-08 15:39:07 UTC to abuse{at}serverion[dot]com)
Takedown time:6 months, 1 days, 5 hours, 22 minutes Bad (down since 2023-03-08 21:01:10 UTC)
Tags:AgentTesla link Formbook link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-02-06n/aexe 0d8e7bb7da2c64a94fc9b21f1a39079b7ac761ff4797c7091eaac4dd9b07473bn/aFormbook
2023-02-06n/aexe 7a4cbe6918c174321d777bd64c6cd6d8c6a3ba69c07a43ca357a691f0ef6a480n/a Formbook
2023-02-03n/aexe 9c1292869bf34d5077f8f2bffd19ff671a0dcd996734c3d8af1e484cac42d80dn/aFormbook
2023-02-02n/aexe 78ec1f0df89f01bef78e2b508a8980f38fffc556387be3972ace6758f0441da6n/aFormbook
2023-02-01n/aexe 909735e8a902e299207563464959d2b7a8d3821e74cdb1aade9a17162c599e23n/aFormbook
2023-01-31n/aexe fdf0c7d08d92b27b19cd74779d71066a5605f3389421a4b9f3e50276ed7223ean/aFormbook
2023-01-31n/aexe 734bbe06c909b28854008cc74bfb94d4bcb19d5e9d1c58bc5e00da61f85c4cfen/a Formbook
2023-01-30n/aexe e9d194ad3601876ff4b747bd9ad42ae50e02101c80b4a4c7aa8ce0a8dd9087a3n/a 
2023-01-27n/aexe 8dbb132dccc8fb8a83062fec3840b1556a75862c07d22a0740ca095698ed0f6dn/aFormbook
2023-01-26n/aexe d22aed126e64e2ca691c2b8779d7e18f557de18757ba56e265608890960cd09en/aFormbook
2023-01-26n/aexe 520332210fa79a3628b8a514f18ba872117489cb013809161629d1443d8ae800n/a Formbook
2023-01-24n/aexe 676685d151f56b1404c507b6fe8c8cc455507031e4045dc160650f09912f64b0n/a 
2023-01-24n/aexe bbaecebd600e11e7edb453b2d84b95b652b48c9df054cbaa9dd7f7140ec46cd5n/a 
2023-01-24n/aexe 2751d68c174cb14cb21c6e6c1c8443031b75f81709212a99623c016f6f5cc177n/a 
2023-01-24n/aexe eb8b1f04132ece98235e136e2843e71b80e85fdd829f1a209cf8a15b787dfc55n/a 
2022-09-14n/aexe 6fe17a3081db76f75994ffe5bdb2be7a73404537a1539845cefe6ce9003f1c40n/aAgentTesla
2022-09-14n/aexe 59b0d24fe6efe63e38a7a1ce278a8b3fb81e394bbbe1620568c900200a9b3b7fn/aAgentTesla
2022-09-09n/aexe c4a1db7f8dfbb4617e34b7a3a93372d46fe3d61a3b4be22a5ff634d6d746eb8bn/a AgentTesla
2022-09-08n/aexe f189676dbe1a29257c8227fadba1880f013b9152793c8dde5e4a1fb827fd2a2cVirustotal results 19.72%AgentTesla
2022-09-08n/aexe fb5699f9385bb3eb377d898e906910579fcea1165ec6c189d37a310da4e079d0Virustotal results 28.17%AgentTesla