URLhaus Database

You are currently viewing the URLhaus database entry for http://208.67.105.179/donpyzx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2612597
URL:	http://208.67.105.179/donpyzx.exe
URL Status:	Offline
Host:	208.67.105.179
Date added:	2023-04-18 11:43:04 UTC
Last online:	2023-05-17 09:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2023-04-18 11:44:05 UTC to abuse{at}serverion[dot]com)
Takedown time:	28 days, 22 hours, 2 minutes (down since 2023-05-17 09:46:34 UTC)
Tags:	exe Loki

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-12	n/a	exe	9bcad2bea581286ebd4302eb150125329a5927764de5c64264bc9daef332c379	30.43%	Loki
2023-05-11	n/a	exe	be0620cc8546300ed143e48934cdf5dd5fc4db596d1025f034517793f71e5e25	25.71%	Loki
2023-05-10	n/a	exe	5476b336b77951457b9c5018e0e6e40e3be8fc38a628076d353d5a35edc921ef	37.14%	Loki
2023-05-10	n/a	exe	2d4abc06cfac67220aa879ecb76806a8d976d0740c3504500fd2c29dd7dc4c48	44.29%
2023-05-09	n/a	exe	dca1d0825cdbf98bf61db27a0f5c14862c9e339b9b3d52f3b7c671e5a76256ec	n/a	Loki
2023-05-04	n/a	exe	93dc3c7c8753d61d7849f608d7c5652e5868585f04ac69defcc7020d005b53d6	n/a	Loki
2023-05-03	n/a	exe	715b032282caa091a569892c6139bfa062e53ad7e37904fb3c57400fc1f494e0	n/a	Loki
2023-05-03	n/a	exe	46ec07717ba6bf115c3a3e2ab5b540379474ac1e9b0b5b0d553900b73fb6b255	32.86%	Loki
2023-05-01	n/a	exe	707757a138c5245958298d580048297507e2c237df45a9707ad551cca8b4f550	n/a	Loki
2023-04-30	n/a	exe	3024c31fc46c7adcb52753e48a7af3f84dfd16121590761d7377ed14a12ce571	29.58%	Loki
2023-04-29	n/a	exe	ccd5dbde7f1824f906db4cec029c44ea3d4e0706702fd0f97bc73fe426c56d53	n/a	Loki
2023-04-29	n/a	exe	f5742553830d66dcbe64103dd22c3481077d08db70dc4447ce50220d286255a6	27.14%	Loki
2023-04-28	n/a	exe	0f782a18310e85fb4c6af94175693a695d75311ca863eb88382eb0ef833e3fb5	n/a	Loki
2023-04-27	n/a	exe	8e85dc2021de35b9e048c5ed12df5144d9a0c5fd9c79b221cd3d3976bdf5c0af	n/a	Loki
2023-04-27	n/a	exe	3a28ae767be7e7db2c34843c5bae4af2baa54017f75f4319be1907634b429144	32.86%	Loki
2023-04-26	n/a	exe	7401a6e55be0e1b6e5a273dc735b248467aa6c9f97891991bad1e4efbeb21e0f	24.59%	Loki
2023-04-26	n/a	exe	b47bc4fcd3217ac6cda0cd4318054095dec027902001cd9541e2118bdcbc45fe	34.29%	Loki
2023-04-24	n/a	exe	c830b8b6620385f0f7d3b090f4c38809d7ac37f013b9c1687e39e80564cc445d	27.14%	Loki
2023-04-18	n/a	exe	5a9397f2ec2a6609708ad1bbbff41e1d6d099d863d0714003d35070be9786edd	n/a	Loki
2023-04-18	n/a	exe	3c55595857f8c19385e8e5ad4732797a409c113e2c6be94dba3a143c2dc4415c	n/a	Loki