URLhaus Database

You are currently viewing the URLhaus database entry for http://208.67.105.179/yagizx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2406009
URL:	http://208.67.105.179/yagizx.exe
URL Status:	Offline
Host:	208.67.105.179
Date added:	2022-11-09 16:57:04 UTC
Last online:	2023-01-19 16:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2022-11-09 16:58:09 UTC to abuse{at}serverion[dot]com)
Takedown time:	2 months, 10 days, 23 hours, 36 minutes (down since 2023-01-19 16:34:40 UTC)
Tags:	AgentTesla exe

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-12-10	n/a	exe	eab690ef360c920d17f1fe58b42f970ecfe0e5917577b39df8c4e3e0928e251e	n/a	AgentTesla
2022-12-09	n/a	exe	d5ff206d2f2bdc833412b9a3b94ece74bbb1c61cf3cb829768760bb14f819ac3	n/a	AgentTesla
2022-12-08	n/a	exe	b589d59559f6fb9bc99c72827a082300d6418e98c56fbbdf54e7afb1e7fb1aac	n/a	AgentTesla
2022-11-21	n/a	exe	4033f899caa63eea7c3f93d6fe7d29f670e5fbd0ca5b9c1f04c52014e68cd6dc	n/a
2022-11-16	n/a	exe	d81b0e3ae49f367a516dd17a85fcf2c1e90d859dac2d8a83d4a63591acc3c95d	n/a
2022-11-09	n/a	exe	a058e4db6871ecf56adf444c908980dbfb1a6eddc2cb2eae86d86c6df6111c30	n/a	AgentTesla