URLhaus Database

You are currently viewing the URLhaus database entry for http://79.110.48.52/omob.vbs which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2712745
URL:	http://79.110.48.52/omob.vbs
URL Status:	Offline
Host:	79.110.48.52
Date added:	2023-09-20 18:31:06 UTC
Last online:	2023-10-16 13:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2023-09-20 18:32:05 UTC to abuse{at}rocketdedi[dot]com)
Takedown time:	25 days, 19 hours, 6 minutes (down since 2023-10-16 13:38:45 UTC)
Tags:	AgentTesla vbs

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT
2023-10-11	n/a	unknown	0726645afaa60bf44d3703d653ec8bb95d450e04763f168d277e5967036c7648	n/a
2023-10-02	n/a	unknown	02978021865c85c96eee3e3bebe3c189a2de27fa95e32724b1421fed1f808caf	n/a
2023-09-27	n/a	unknown	f59caf2280fe26f4d178f8019d860e9ac610325264a0fc9710cc71c033aa8342	n/a
2023-09-25	n/a	unknown	90ab3161377112a2577bf714a401f905e60b45194bb70cdba6c5b5f02ddd5f8c	n/a
2023-09-21	n/a	unknown	ef6683f38ac63f9fa8933cc8098c60e6f340a5296fd8f610c94cd5009d1e4aa8	n/a
2023-09-20	n/a	unknown	3a1082f5c321715ac497d677b269c4e6509e9cc5eee71a35e95d1634525ac4d7	n/a