URLhaus Database

You are currently viewing the URLhaus database entry for http://208.67.105.179/stevezx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2614107
URL:	http://208.67.105.179/stevezx.exe
URL Status:	Offline
Host:	208.67.105.179
Date added:	2023-04-19 16:21:05 UTC
Last online:	2023-05-17 08:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2023-04-19 16:22:05 UTC to abuse{at}serverion[dot]com)
Takedown time:	27 days, 15 hours, 47 minutes (down since 2023-05-17 08:09:59 UTC)
Tags:	exe Formbook

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-05-04	n/a	exe	9428a8cb5cf276628dfa0fe68ad6e9169a0a12eb6d00636cd64c39111ddb3aab	n/a	Formbook
2023-05-03	n/a	exe	c0d7153b8d4b6baf982feeacf3444052f01ea00d52e199d8e610bbfabccbcb7f	n/a
2023-04-26	n/a	exe	a4515730dc2be572ac039d78bfc3c3e2e1bfa4a737e67f0a709b29d94c737ca6	30.00%	Formbook
2023-04-26	n/a	exe	318926e8c6bb4bc02f3522887ef024257664d4370d511059ece7d63d14f694e6	n/a
2023-04-19	n/a	exe	3b86e5743a7a35e6c3e1dc7cb1a844299e7b1f9eeea5bb7e51ca0de52b808803	31.43%	Formbook