URLhaus Database

You are currently viewing the URLhaus database entry for http://208.67.105.179/atlaszx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2605461
URL: http://208.67.105.179/atlaszx.exe
URL Status:Offline
Host: 208.67.105.179
Date added:2023-04-11 08:46:04 UTC
Last online:2023-05-17 11:XX:XX UTC
Threat:Malware download Malware download
Reporter: abuse_ch
Abuse complaint sent (?): Yes (2023-04-11 08:47:05 UTC to abuse{at}serverion[dot]com)
Takedown time:1 month, 6 days, 2 hours, 21 minutes Bad (down since 2023-05-17 11:08:21 UTC)
Tags:AgentTesla link exe Formbook link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2023-05-09n/aexe abbf85558290e3fa302f88f51243e5216f24c9bc4fce64a0f616db3be2c46e8en/aFormbook
2023-04-30n/aexe 6f6635f95155f37d66c295977e973d28b681fb57fc50caf361e5e13f1037008an/a AgentTesla
2023-04-29n/aexe 96c283a9edad7bf16f772d34c7b137d5403be1dbc96589f7d57d71a0fd89c02fn/a AgentTesla
2023-04-29n/aexe 8011db3227aaeb4d7bc937c2a4946ca62c4661baba72957904432600b0abe4b1n/a 
2023-04-28n/aexe 005b6bcc51f6ef1ddb79cd1127b889b44a2cc51c28eeb973a3b20dd8a0148afen/a 
2023-04-28n/aexe 33b5ccf1b3b48e22ab607320e0bb143ad0ac2a9770b0e385c0365366de472cebn/aFormbook
2023-04-27n/aexe 044c6038df71898680d1927a2a3251d58925ab0b91a5cc17ffc6599fe155f9c4n/aFormbook
2023-04-27n/aexe a5d84e7c823998d95d9d345b1e2e7f337288d64409ed516dbbfb92130c533632n/a 
2023-04-27n/aexe 801d5a649bf0cd074fddca06aa31dd5e9662f3b5358e18778f1fad27ca7ffddfn/a 
2023-04-26n/aexe 976e8708033d7458ec6750d858fc6d49093024a2c683e038c55dc45c07cc1912n/a 
2023-04-25n/aexe f2ea300dc80eddee0a6887ea6c61f7860bff20164ebe432ebb262b4d21a3265cn/aAgentTesla
2023-04-24n/aexe c65c02745d240718672933e9ad25b6a65d1d61ce7c5d317d6447732490434357n/aFormbook
2023-04-24n/aexe 067bea125f176d75cabed99b0bc6bd3a3957baf3a361d6d3848911446e48d1b1n/aFormbook
2023-04-24n/aexe 4f3beb04e0d4713530c2f9c369c300186ab01d902f060a904e5648490e8ba708n/aFormbook
2023-04-23n/aexe cbdac32d6f43a1f03a26cc2fcc6ea13586f0d7f85764c1626cc71ce30bc0434bn/aFormbook
2023-04-22n/aexe 41f5cbe54ff660e02322df7ad640e63d1f03ea1f663762e7680b6601013bec76n/a 
2023-04-22n/aexe af48c5fdad84f2f85b50a9220a64acfc63ea7ffdc69f59fb658be8cff5388aaan/a 
2023-04-21n/aexe a83adc88feb896f4fa1b09b3d5043fd506f9de5f6d695f7e18bb3d84019abb85n/aFormbook
2023-04-21n/aexe e7c0f1c7d8be3a2927c65cbdf4a2f0dd835b4bcf81eea19a00e50d1fc1a191d9n/a 
2023-04-20n/aexe 540c181beb778359eea5bd699310b2cebd8017d5286d408b1abf12e1228b7b9dn/a Formbook
2023-04-20n/aexe 44665e986b18ac11dfc0d8226d232b436310ae04126362e26d9b59cb85b2827dn/aFormbook
2023-04-19n/aexe 116b9713050d8eeb105d6fcc7c59bd0ed313cbe6ecb642d8c11e4e866caebec6n/a 
2023-04-19n/aexe 448d6dc52b247988a4ecb099b1d8b5ca823e87285e0b59941c6900696329ed0an/a 
2023-04-18n/aexe cc51d03e64ddec468ae16504134dff22ed4e616315f3d11da6e052d325605573n/a 
2023-04-18n/aexe b72c3b9a0ae27b5a0883ddf6ec51354315301366913aac3d835ce9fff8722be9n/a 
2023-04-17n/aexe 6afbb9ebc94ae5fbc1a98207af3ce84dec75c243605ebbd6b15b721165e4130an/aFormbook
2023-04-14n/aexe 3b7123dfe69acd94de4ddb86cafc72407b3ba2f907b4a986d9dd48308562d9b7n/a
2023-04-12n/aexe c86bdc62b77754389bc92843d9ab1d3899a1a4d1c170fe59905ae0ad81d40717n/a 
2023-04-12n/aexe dcdb7f638e569b38ae5042cd89a30df3baf2b9147a8e750cef0a83b0a6e60d13n/a 
2023-04-11n/aexe 2b63b34e46c1a7d185b0fed082353a4641e84f682c71e6b3faa24ebb9b83bf10n/a 
2023-04-11n/aexe 42f025f744bb97509425ac749ada6c20ef6439d193e537a013b981ad4d21e124Virustotal results 45.71%Formbook