URLhaus Database

You are currently viewing the URLhaus database entry for http://80.76.51.248/sirmx.vbs which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2706778
URL:	http://80.76.51.248/sirmx.vbs
URL Status:	Offline
Host:	80.76.51.248
Date added:	2023-08-24 13:44:04 UTC
Last online:	2023-10-13 23:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2023-08-24 13:45:09 UTC to abuse{at}des[dot]capital,abuse{at}serverion[dot]com)
Takedown time:	1 month, 20 days, 9 hours, 18 minutes (down since 2023-10-13 23:03:37 UTC)
Tags:	AgentTesla ascii vbs

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT
2023-09-11	n/a	unknown	bbdb53087a8e38fb550f835c82164bea936fe3900d79dccedd5e59beb872c73e	n/a
2023-09-07	n/a	unknown	519c0e9a45dcc81d73132dd7abe88cbce77f1468765199676615dff4770d63d4	n/a
2023-09-06	n/a	unknown	03fc1dfcc57cdd15ece75650d99d09bba22494dcb7517a035295381a3097876f	n/a
2023-09-01	n/a	unknown	305474f9d31d9b26b71610ac07cf315f3d7740f578e0d66a2db38587cb5d884a	n/a
2023-08-29	n/a	unknown	11f7ed2ec476e27f4ced1c7ca194e0ed6e194a6a6e5b290ca764e2684105727d	n/a
2023-08-28	n/a	unknown	dd99e800d8fca060b910011c97bd33f36a32584227ce920d36e42ea597e76a3b	n/a
2023-08-24	n/a	unknown	87baa59a4b75fe0f472bdc313a04e78796eee534e457b037102f4fc8f1830d5d	n/a