URLhaus Database

You are currently viewing the URLhaus database entry for http://208.67.105.179/osburnzx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2412770
URL:	http://208.67.105.179/osburnzx.exe
URL Status:	Offline
Host:	208.67.105.179
Date added:	2022-11-15 11:37:04 UTC
Last online:	2023-01-19 16:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2022-11-15 11:38:09 UTC to abuse{at}serverion[dot]com)
Takedown time:	2 months, 5 days, 5 hours, 19 minutes (down since 2023-01-19 16:57:13 UTC)
Tags:	exe Loki

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-11-28	n/a	exe	d401b85aa3f59b9fe3430f23bc40c36ac9af0aa95570c5701ee47df6e879bb52	n/a	Loki
2022-11-28	n/a	exe	320cd864f1bcd59e122d933cb6cb19cdb1b679bb4e04d48ae81be09803c1cf29	n/a	Loki
2022-11-17	n/a	exe	8be7904691948559b0bc4ea97c553774a2fdc46eb34ce145147921dde7747eeb	n/a	Loki
2022-11-16	n/a	exe	5af0239d5f1e95e5345b0ef207f5ba8f940a2105462b307748bc888ca0beee43	31.94%	Loki
2022-11-16	n/a	exe	3b8a08fa01663501b58f70feb8f3af4651b3c30c665f6b70c7286192e0546b88	n/a
2022-11-15	n/a	exe	5e202e33d925386a3eb96a317e2db316753265f8e53561a4e92fca1f3f8eaeb6	n/a	Loki