URLhaus Database

You are currently viewing the URLhaus database entry for http://zang1.almashreaq.top/_errorpages/obizx.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2728715
URL:	http://zang1.almashreaq.top/_errorpages/obizx.exe
URL Status:	Offline
Host:	zang1.almashreaq.top
Date added:	2023-11-07 06:56:04 UTC
Last online:	2023-11-07 08:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	zbetcheckin
Abuse complaint sent (?):	Yes (2023-11-07 06:57:05 UTC to abuse{at}cloudflare[dot]com)
Takedown time:	1 month, 3 days, 17 hours, 11 minutes (down since 2023-12-11 00:08:34 UTC)
Tags:	32 AgentTesla exe

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2023-12-07	n/a	exe	862b70eccf66509357985d1f207f5c7a05f4b9515ff8873723004cbecdcc5fd0	n/a	AgentTesla
2023-12-07	n/a	exe	2214a1536f1997efda81e136d845661f0178b44a6b104f72d7f73628e6158d08	n/a	AgentTesla
2023-12-05	n/a	exe	d134c531dc1702e7fb2efb1b65146a367b76cd97c78e23492f2a45719bc80a2a	n/a	AgentTesla
2023-12-03	n/a	exe	90692f33abb1c304523cbd1ef8faf16d31a9ba0ef1a99b00aaa267ea14b2fecc	n/a	AgentTesla
2023-12-01	n/a	exe	7a7ff26b66d38cc6f04b3c37f6531a0ad742a1547b7bb8f13fe0f01abea834e5	n/a	AgentTesla
2023-12-01	n/a	exe	bbd571c10577d25dcdb8b4302d9e2cd872d824fb6df542997fc4819bbce147b6	n/a	AgentTesla
2023-11-30	n/a	exe	bd9bb2de061fa953cb38f7ec4b2d81ec756df1c75f5345ebbba2c606777eaa9f	n/a	AgentTesla
2023-11-29	n/a	exe	70aeef80a27c2ddbb1f5add59917db97f80502aee34f6440bae839eb655b62c6	n/a	AgentTesla
2023-11-29	n/a	exe	ddc585d586ae696d4456a9ade6cf17e92302f51b8a48a7ba5955c432661cce3d	32.39%	AgentTesla
2023-11-29	n/a	exe	42aa758cd3fdd60d520936842e28d077a1d7efd1fd71d8899cef8ea85d6e3e8f	n/a	AgentTesla
2023-11-28	n/a	exe	60809e8d674591bfd67d9544930ec36ebd7f0faea2cbde7e4898f20b6d59c39c	26.76%	AgentTesla
2023-11-24	n/a	exe	931f38d16e4369c01166d7dac9bbe0bc28af3228b6fca5d4f23e6f06f2f13333	n/a	AgentTesla
2023-11-24	n/a	exe	7e352106b797fd772547c6d0cdd113c888a9170cbf648b81fa136263e8e435d2	31.94%	AgentTesla
2023-11-24	n/a	exe	25b457cff27046a05af9fa7f17f75df7f5575e0552fabc6ed2bb9b9f14eb927a	n/a	AgentTesla
2023-11-23	n/a	exe	ac42bb7461430ed2dd0d2a31f3ff70907b50e154005bde115783bf722b0bb217	30.56%	AgentTesla
2023-11-21	n/a	exe	b4e79f9d059bdd6edf35568d1670f035b546187dac8ac6e38f12a0350150646d	n/a	AgentTesla
2023-11-20	n/a	exe	7d0def77a0bec3d3c3b7aab43cece6a43f4eeccb8295e0bb1f1cea1cc8863a23	n/a	AgentTesla
2023-11-16	n/a	exe	3c5b2f4fa3ccf92f517808d003cf628665f85038fe50851fa1df2e37a0eef19a	38.89%	AgentTesla
2023-11-16	n/a	exe	9d91503a8bd7f593810227ad958998efd5a73a6c865fc39489ffc77e3a582552	n/a	AgentTesla
2023-11-16	n/a	exe	f6e35b74495dc99e7bf37c4f6f2c024d6f314e5b53b829cab27be6c88dd31df3	25.00%	AgentTesla
2023-11-16	n/a	exe	8632a6cdacd3c2ca44c427d1ef6bea4a9c16a7089a31f12fe79ba6e108860902	64.29%	AgentTesla
2023-11-07	n/a	exe	d1164fe7652f2c5c800f0227383ebbd77157e84ff84d6713e4a8ea3ff7d47f86	41.67%	AgentTesla