URLhaus Database

You are currently viewing the URLhaus database entry for http://208.67.105.179/samuelzx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2312761
URL:	http://208.67.105.179/samuelzx.exe
URL Status:	Offline
Host:	208.67.105.179
Date added:	2022-09-24 10:35:04 UTC
Last online:	2023-05-17 09:XX:XX UTC
Threat:	Malware download
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2022-09-24 10:36:12 UTC to abuse{at}serverion[dot]com)
Takedown time:	7 months, 24 days, 23 hours, 3 minutes (down since 2023-05-17 09:39:22 UTC)
Tags:	32 AgentTesla AveMariaRAT exe Formbook GuLoader RedLineStealer SnakeKeylogger

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-09	n/a	exe	a98cb609a48a550a1afedb557a9519289fe8d51755a16864617612e16f7b0982	n/a	SnakeKeylogger
2023-05-08	n/a	exe	468d21c12e3590ec0a5a97a2f515878192f6beaddb4a721346890218af827bc6	n/a	AgentTesla
2023-05-04	n/a	exe	87ec8dcb44c20195f72ea0d6d2ac3572a9241bb1e0c7f770d8d13e65a4cf9155	n/a	AveMariaRAT
2022-11-03	n/a	exe	ba6c343f813d13870c4d811459585f76c678c71fb32a24b3c13f6a26fa8d28e0	n/a	GuLoader
2022-11-03	n/a	exe	a81489460818664146f756543f081b702bcb69244ebf8f6a240b02b2357c577c	n/a	GuLoader
2022-10-27	n/a	exe	a63df56777dee301cd34280144b498d17c8e7c0ccf057224abf73cab1b220b68	n/a	AgentTesla
2022-10-27	n/a	exe	eaa91b97199a371d6361bc0ca5cb757d46c25b732cf7331bcd4e3bcdb4bb6e9a	n/a	AgentTesla
2022-10-21	n/a	exe	e1616da37fe196d646b847a18c62d2441a922e8ded46dcf121e37a6d42957e02	n/a
2022-10-10	n/a	exe	78bb9dc10df3452cd304b43147e1dd4f2afb7de2dd347d688f6a9a0e66350153	n/a	Formbook
2022-10-07	n/a	exe	d14d54e9068268b8b42b66b6bce13f374f4ea151e6af9389513a5afbbf152a23	n/a	Formbook
2022-10-06	n/a	exe	2c6b4b7a5f2bf7375a341547b8aba86baa78bcdd52bb5e594f9a4ba957c42380	n/a	Formbook
2022-10-05	n/a	exe	3ec647b954f76b4a8a4817083e7191ad18a4a541a5f7875682b3009fb9f9649b	n/a	Formbook
2022-10-03	n/a	exe	a6041dddee41fdb6417fac38903febee6806df4f7e660168960ec5c488a1e689	n/a	RedLineStealer
2022-10-03	n/a	exe	94630dcd256f52e3a0123844fff4b0a0214c1ea11cda72ee5e59dc057f5badca	n/a
2022-09-29	n/a	exe	93b41f139523aa5e95c9dac7265837e1b85d25a6dacd959e2c68a10a16d00654	n/a	RedLineStealer
2022-09-28	n/a	exe	b99c06c4953f2e318be4cf35be04be36b44fffe577e9e7597fbc437120c8c4ff	n/a	RedLineStealer
2022-09-27	n/a	exe	323871cbfdb1cc53d7542bc30fcae330604ec1a12482b18a85614e75a56ef004	29.17%
2022-09-27	n/a	exe	fe067f037c507e0b99f5d643ba397f2a5563acc8e71e60ed80a6b619f3ea55ed	n/a	Formbook
2022-09-25	n/a	exe	05121b327a89cc84f0897e90c9089614b4909eb6f8a8090b10a15a8f2739840f	n/a	Formbook
2022-09-24	n/a	exe	2e6b14e41b3f871355635c7427cb1531a9b61a37e137f90a590d21eab7648f2f	25.00%	Formbook