URLhaus Database

You are currently viewing the URLhaus database entry for http://china.dhabigroup.top/_errorpages/obizx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2721711
URL:	http://china.dhabigroup.top/_errorpages/obizx.exe
URL Status:	Offline
Host:	china.dhabigroup.top
Date added:	2023-10-18 03:55:06 UTC
Last online:	2023-10-18 04:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2023-10-18 04:05:09 UTC to abuse{at}cloudflare[dot]com)
Takedown time:	28 days, 18 hours, 6 minutes (down since 2023-11-15 22:11:49 UTC)
Tags:	32 AgentTesla exe Formbook

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-11-14	n/a	exe	8632a6cdacd3c2ca44c427d1ef6bea4a9c16a7089a31f12fe79ba6e108860902	n/a	AgentTesla
2023-11-14	n/a	exe	7bed4e97553689407bd76e9be2928a12824f5bf06c85a2c1cc9dd2c49dcc5004	27.78%	AgentTesla
2023-11-14	n/a	exe	fd1c7ebef7bffdee7665d3c5623bba8bb61b10ccff67e3d8cc5144b692de4f29	n/a	AgentTesla
2023-11-10	n/a	exe	a417da4eec41ccce59772248286ee9bfed2d781aec33db52829fac3d5beddc97	n/a	AgentTesla
2023-11-10	n/a	exe	21218005d2b9dab517e80b87bf4b135e876a18f0d48cd77b29ca89332c615b92	n/a	AgentTesla
2023-11-09	n/a	exe	dc60d2664af0f3881cc494e9295e0534293254f1023c22aed8159c3f85f08a4e	n/a	AgentTesla
2023-11-08	n/a	exe	a563ab0cc303385af151163bb2fe3bb88d6681f865bad186db4019ac84c7270d	n/a	AgentTesla
2023-11-08	n/a	exe	6f577b99a77df44578b36abfc5fbbfe2832568c82292ce9f9a071522108defe1	n/a	AgentTesla
2023-11-08	n/a	exe	d1164fe7652f2c5c800f0227383ebbd77157e84ff84d6713e4a8ea3ff7d47f86	66.20%	AgentTesla
2023-11-03	n/a	exe	752552967593ae07bbf553fbcc53c3aa39bfca68b9bd7c14dd4873b48c73b826	n/a	AgentTesla
2023-11-03	n/a	exe	d6ff88b43bcd53c30a82e3daba836ac89bff4658cea9058db7e937f3b290d3b8	n/a	AgentTesla
2023-11-02	n/a	exe	364e7e148cca350074ba66ede79f0fb3af3dbcbdd7bda13330e02c2709677e5d	n/a	AgentTesla
2023-11-01	n/a	exe	2330639757dc38e28e45d3e20cf7fa8988c8f094afd494ce16999c38277121ba	n/a	AgentTesla
2023-11-01	n/a	exe	0c21fd40425fd9f22814fdd019b69dad64538d8e4a49a38cf0211301d053a2d5	n/a	AgentTesla
2023-10-31	n/a	exe	f455be9f9b49063b522dd46d672e77489351d83d6620679fb2da90e3a4b9c63f	n/a	AgentTesla
2023-10-30	n/a	exe	416bdd84dde74ba3274cc21ebb65c423936518bc3d8bf5b0d8179829cd43d8f7	n/a
2023-10-26	n/a	exe	03446d8b365fd8c5488bac87d3bf769afa578a0280cd63e8736ab66f9d6c6f95	29.17%	AgentTesla
2023-10-25	n/a	exe	ab7207e159b61874ebade26fdfab34bc59253ebcd705220de515a495339e6a2a	29.17%	AgentTesla
2023-10-25	n/a	exe	3f9ec7bf967af4c912f2431e199bede2290a8394a6b5dfc5b52f131006e84a5a	n/a	AgentTesla
2023-10-24	n/a	exe	afc29232c4989587db2c54b7c9f145fd0d73537e045ece15338582ede5389fce	67.61%	AgentTesla
2023-10-24	n/a	exe	2eadbbb63c8c36c588958484ad8d5a044a689f72ea3cc81a9dcf4b1a829ff7e9	20.97%	Formbook
2023-10-24	n/a	exe	a4c0d57544223406171313e236825d0156eeb6198b07a3606b5ed6582915ba39	n/a	Formbook
2023-10-23	n/a	exe	3e51a52d1241154767d357c79c9bc9545558db8558f4a53addd95f82e87197c3	n/a
2023-10-18	n/a	exe	df239887fc79b6383173c139c8b15dc8279eb9a78e2f526646e45c14ff888b33	56.34%	AgentTesla