URLhaus Database

You are currently viewing the URLhaus database entry for http://2.59.254.18/_errorpages/owenzx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2697841
URL:	http://2.59.254.18/_errorpages/owenzx.exe
URL Status:	Offline
Host:	2.59.254.18
Date added:	2023-08-04 03:47:05 UTC
Last online:	2023-08-23 10:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2023-08-04 03:48:05 UTC to abuse{at}icxhosting[dot]com)
Takedown time:	19 days, 6 hours, 25 minutes (down since 2023-08-23 10:13:13 UTC)
Tags:	exe Formbook opendir

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-08-11	n/a	exe	651a4c3e35b647788a3eb33862d90bc7d58912e6e99ffb8a7bd4c759634fe67b	26.76%	Formbook
2023-08-10	n/a	exe	bbd52311d6f6fcc5e1c1296fb53932cac1445ed4d3fe3872a2a8de1f83bd1bf0	n/a	Formbook
2023-08-10	n/a	exe	a16bbcd964ae89f1cae59ed66c22f1009830c91db528215972952d97433bfb71	21.43%	Formbook
2023-08-07	n/a	exe	05189b12acbe98448200d07fb553f915a88cd57ca1115bde87fba0dc77cc5f39	22.54%	Formbook
2023-08-07	n/a	exe	b723fa6187dd823012646cc23268f9a05550e8fb5018110df4ef24fa995d2141	n/a	Formbook
2023-08-04	n/a	exe	17da5b241a7c1a77d644c46063b11af84dbf96b2986e4c4c0b9b56c1689ae524	n/a	Formbook