URLhaus Database

You are currently viewing the URLhaus database entry for http://87.121.221.212/obizx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2676394
URL:	http://87.121.221.212/obizx.exe
URL Status:	Offline
Host:	87.121.221.212
Date added:	2023-07-04 08:22:07 UTC
Last online:	2023-07-26 07:XX:XX UTC
Threat:	Malware download
Reporter:	JAMESWT_MHT
Abuse complaint sent (?):	Yes (2023-07-04 08:23:07 UTC to abuse{at}des[dot]capital)
Takedown time:	21 days, 23 hours, 21 minutes (down since 2023-07-26 07:44:07 UTC)
Tags:	AgentTesla

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2023-07-18	n/a	exe	f591f3b46cc1844550906abe587a1d82b96b37bac5621c1937ab8b0552258417	n/a		AgentTesla
2023-07-18	n/a	exe	2c4d72ac436fbd83a5e3138bd493bee423663f054dfbbc55c5cc50e13f5723f2	n/a		AgentTesla
2023-07-17	n/a	exe	cc4fdb08add53fb88359e79433559140f40f61edd79058e62a83a7ae1761093a	n/a		AgentTesla
2023-07-13	n/a	exe	ae50c62b53bbc6a13083d2940285b2fa57ed71a53c3c28dbe867539d50a3bec4	n/a		AgentTesla
2023-07-13	n/a	exe	327a8152267ef86944cbbba1a38e0cdf19872538d6d138d160b094911cac0183	n/a		AgentTesla
2023-07-11	n/a	exe	63a758185f054b9b69bcbb6cb7ec2eedb470e44af92ab04da4dd1c47eba3ce13	n/a		AgentTesla
2023-07-11	n/a	exe	b904706649305fe28180f1a2a3f6a22050fd8dd2805cd997996d892d5bf81c89	n/a		AgentTesla
2023-07-11	n/a	exe	ed2bfc64ba4a381ef57412a82accaa363dd54103ac7b5899718178f2fd819154	n/a		AgentTesla
2023-07-05	n/a	exe	04c13a731f4ac3bb43e76c929748519971bdf988251a4cc08a5063aac0b9411d	n/a		AgentTesla
2023-07-04	n/a	exe	7fa82e801a137ca5986e6d7544be241063e9bb46c5b03398b84a6a75acc52f1c	n/a		AgentTesla
2023-07-04	n/a	exe	a7fccd2125b70a6494d13f56023c1885b75edb728e42bbeb48bcb4346fbc2133	32.86%		AgentTesla