URLhaus Database

You are currently viewing the URLhaus database entry for http://208.67.105.179/prosperzx.exe, which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2534757
URL: http://208.67.105.179/prosperzx.exe
URL Status: Offline
Host: 208.67.105.179
Date added: 2023-02-09 06:03:04 UTC
Last online: 2023-05-17 13:XX:XX UTC
Threat: Malware download
Reporter: JAMESWT_MHT
Abuse complaint sent: Yes (2023-02-09 06:04:04 UTC to abuse{at}serverion[dot]com)
Takedown time: 3 months, 7 days, 7 hours, 40 minutes (Bad; down since 2023-05-17 13:44:18 UTC)
Tags: AgentTesla

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
