URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 104.168.32.31
Firstseen:2022-06-14 07:31:03 UTC
Total malware sites :11
Online malware sites :0 (0%)
Offline Malware sites :11 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2022-06-14 07:31:09 104.168.32.31104-168-32-31-host.colocrossing.comNot listedAS36352 AS-COLOCROSSING- USyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2022-08-22 07:40:05http://104.168.32.31/90/fed.exeOfflineexe Formbook ext opendir abuse_ch
2022-08-09 16:47:07http://104.168.32.31/new/new.exeOfflineexe opendir rat RemcosRAT ext abuse_ch
2022-08-09 16:47:05http://104.168.32.31/new/document.docOfflinedoc opendir abuse_ch
2022-07-05 15:19:04http://104.168.32.31/77/vbc.exeOfflineGuLoader ext Anonymous
2022-07-04 18:17:04http://104.168.32.31/receipt/receipt.docOfflinedoc GuLoader ext opendir abuse_ch
2022-07-04 18:16:05http://104.168.32.31/123/vbc.exeOfflineexe GuLoader ext opendir abuse_ch
2022-06-20 14:16:04http://104.168.32.31/298/vbc.exeOfflineexe Formbook ext opendir abuse_ch
2022-06-16 12:50:05http://104.168.32.31/288/vbc.exeOfflineexe Formbook ext opendir abuse_ch
2022-06-15 16:55:05https://104.168.32.31/233/vbc.exeOffline32 exe Formbook ext zbetcheckin
2022-06-14 08:01:04http://104.168.32.31/213/vbc.exeOfflineexe Formbook ext opendir abuse_ch
2022-06-14 07:31:09http://104.168.32.31/233/vbc.exeOfflineexe Formbook ext opendir abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2022-08-22 07:40:051dc7309f7dd394071a6b83e32be1cd98484f813b22790b0a7ec426488cfd82cbexeFormbook
2022-08-10 17:10:4738eaca2db037474dc07ba540efd3348e9ad1a7a9cb395b60db84409152f26463exeRemcosRAT
2022-08-10 08:09:34f4736fffb7caa557d796f39e376448b637c97ff24d8cf7cf1f08694e3f40f22dexeRemcosRAT
2022-08-10 07:13:583129da4f076050467e4f2f88b03a43cdbdc65724d16ba03141d0e90971200af4exe  
2022-08-10 06:50:567d2bce268c0b7b1bc232f1c7b7b169f195be8b931cc92d276de0733428bd4a0bexeRemcosRAT
2022-08-09 16:47:07fa630a35f8fbdb040aa52649e4e311a6eac1ea4e7fc0614dbb92a368b2bb3839exeRemcosRAT
2022-08-09 16:47:0550bf1defd0117d5bde2a4fa2eee9d6d75d4c78b0bcbfb56f2d7a28eddc93a869unknown  
2022-07-05 16:43:486851a4631d6170e6d51a08b0d0340cd96e02760d575474942414da0775af1a16exeGuLoader
2022-07-05 15:19:0417c3ec4991e582c488b8ab35a5f563240d846f8065e1761d10eeefdc397e8f2bexe  
2022-07-04 18:17:048976852d934a95099303f88249218c0be744ab72fcc59c60ef1486e7ed61507dunknown  
2022-07-04 18:16:05626d762f0b49b7493e165bc4a741b1cf48741fce009fe5c499d19b75308978e2exeGuLoader
2022-06-20 14:16:04fdf44485175a68853cfd5220f37f3639ce6f0af8af152fba7456cbf6f94b16a6exe  
2022-06-16 12:50:05533eb6971f42dd17b3042b98ebed4dedb0be2676ba3c87fa0a0dc33cc0aa20fdexeFormbook
2022-06-15 16:55:050a874620c8336c25f8959fc05e5bc16b9b201fe2eb5849963028351f655469b4exe Formbook
2022-06-14 10:27:420a874620c8336c25f8959fc05e5bc16b9b201fe2eb5849963028351f655469b4exe Formbook
2022-06-14 08:01:04fb8a5fdf6e7ff1a272f9384f5205ac8a271907266294044412629ee2c307128bexeFormbook
2022-06-14 07:31:049f37e00170966e5610982ac2e08687d1d7367582d596c29938166a35b11408e6exeFormbook