URLhaus Database

You are currently viewing the URLhaus database entry for http://208.67.105.179/andyzx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2474207
URL:	http://208.67.105.179/andyzx.exe
URL Status:	Offline
Host:	208.67.105.179
Date added:	2022-12-20 09:59:03 UTC
Last online:	2023-03-08 22:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2022-12-20 10:00:11 UTC to abuse{at}serverion[dot]com)
Takedown time:	2 months, 18 days, 12 hours, 37 minutes (down since 2023-03-08 22:37:54 UTC)
Tags:	AgentTesla exe

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-01-19	n/a	exe	acc69e882585597fd69cf0c5f8e4f45bb210297401a592a192d0515a93cd82dd	28.57%	AgentTesla
2023-01-19	n/a	exe	520fa2c1a9c0ce8db4cc44c94cb6f3634bf644c80627d29fb57cdaada2025303	n/a	AgentTesla
2023-01-17	n/a	exe	49b8de8419f225ff80824c724686e41bf5a3aa525a8cf1520cdd51e64dce5837	n/a	AgentTesla
2023-01-13	n/a	exe	0998bea494916b3130743e11b5bdca0f686939196e570cb08c2445546c38d1a8	n/a	AgentTesla
2023-01-06	n/a	exe	e4ef15651aa011744cab2c3581c4ae6234744da855df26f50f63a64a2c1034f9	22.54%	AgentTesla
2023-01-05	n/a	exe	d189451af51eb57c32ad3364fd9dff8849a0ad1df0b9ca006084639603505798	n/a	AgentTesla
2023-01-05	n/a	exe	579e34090b5f5ba99e7757ac444df8b7976c234a5b68afca5c5508020171d33f	n/a	AgentTesla
2023-01-04	n/a	exe	bc38788b1e056aabed9efeaf8b7388b16faaead2b5b0f45d83d12dc2651fa0da	n/a	AgentTesla
2023-01-04	n/a	exe	36bdcbf6b5dc9188b19c540648f2a359337d16c61b9b43cae6a5a10ab860af92	n/a	AgentTesla
2022-12-29	n/a	exe	af858def0f616ad682057578ad5db6fdc6f8fa9bc3413fda170360cdb7657a99	n/a	AgentTesla
2022-12-28	n/a	exe	15b20b034190c41fb01b550ba3e11ca822bc6ed963c6e1e5f2422833b209aea4	n/a	AgentTesla
2022-12-27	n/a	exe	b1ce114d1b69edbc2fedd700e2ab5400c5f1fc62ca899235cfa0666a986641d1	n/a	AgentTesla
2022-12-27	n/a	exe	2fa992dea738a84ae8b297214ae3da1bc03591b05f4b2c0f3883270ece33a352	n/a	AgentTesla
2022-12-23	n/a	exe	57901cf97d0ab4c57f8b4927c75bd8761182b5ddb80d09bb917aab71ae68d7c6	21.13%	AgentTesla
2022-12-23	n/a	exe	e20d7d444ad9ce30cc4ece0d516a4cada39b67a999cc5854a7f7ffb4f3edbf9c	22.86%	AgentTesla
2022-12-22	n/a	exe	cf85db51ca588dccbb60fb064b3e46f650a7596a53272b08d377f70620c2472f	29.58%	AgentTesla
2022-12-21	n/a	exe	f227b51c6347b3acf53b8e54e84864c2c3e4ef973226bc517f0f9852dbc1bfcc	n/a	AgentTesla
2022-12-21	n/a	exe	14fc0ae08d5282c96a638772e167c177677bccdc2f39b858bbe3bfb4f93a7d50	20.83%	AgentTesla
2022-12-20	n/a	exe	02bc9f0cd976fbf90405a3ce28323cd6e9c15764866a244457e966434ec3056a	n/a	AgentTesla
2022-12-20	n/a	exe	46c2e255761e1ab91b1ada27cd4e526e55039576c7a5eadfaa20c454543ac29f	n/a	AgentTesla