URLhaus Database

You are currently viewing the URLhaus database entry for http://167.88.170.23/obz1.exe, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 2437521
URL: http://167.88.170.23/obz1.exe
URL Status: Offline
Host: 167.88.170.23
Date added: 2022-11-29 00:32:05 UTC
Last online: 2022-12-09 06:XX:XX UTC
Threat: Malware download
Reporter: zbetcheckin
Abuse complaint sent: Yes (2022-11-29 00:33:08 UTC to admin{at}frantech[dot]ca, fdias{at}frantech[dot]ca)
Takedown time: 10 days, 5 hours, 58 minutes Bad (down since 2022-12-09 06:31:28 UTC)
Tags: 32, exe, Globeimposter

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.
