URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	109.206.240.64
Firstseen:	2023-02-07 14:05:04 UTC
Total malware sites :	22
Online malware sites :	0 (0%)
Offline Malware sites :	22 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-02-07 14:05:11	109.206.240.64		Not listed	AS214238 iwihost	BG	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-06-24 05:29:04	http://109.206.240.64/HCX.exe	Offline	32 exe RemcosRAT	zbetcheckin
2023-06-22 17:53:06	http://109.206.240.64/tl/RmeONIErjnwcBdKC67.bin	Offline	encrypted GuLoader rat RemcosRAT	abuse_ch
2023-06-22 17:53:05	http://109.206.240.64/tl/hNjnzd124.bin	Offline	encrypted GuLoader rat RemcosRAT	abuse_ch
2023-06-19 13:21:04	http://109.206.240.64/EYG.exe	Offline	GuLoader	James_inthe_box
2023-06-15 07:27:07	http://109.206.240.64/tl/ZriAIHCKuK34.bin	Offline	encrypted	abuse_ch
2023-06-15 07:27:07	http://109.206.240.64/tl/HxYMQgGbx235.bin	Offline	encrypted	abuse_ch
2023-06-15 05:08:04	http://109.206.240.64/LUK.exe	Offline	32 exe GuLoader	zbetcheckin
2023-06-15 04:27:07	http://109.206.240.64/HBZ.exe	Offline	32 exe GuLoader	zbetcheckin
2023-06-01 17:50:08	http://109.206.240.64/HKL.vbs	Offline	remcos RemcosRAT	James_inthe_box
2023-04-22 01:22:04	http://109.206.240.64/MFV.exe	Offline	32 exe RemcosRAT	zbetcheckin
2023-04-22 01:22:04	http://109.206.240.64/KNG.exe	Offline	32 exe RemcosRAT	zbetcheckin
2023-04-21 14:10:06	http://109.206.240.64/EFG.exe	Offline	exe RemcosRAT	abuse_ch
2023-03-07 01:32:05	http://109.206.240.64/EKL.exe	Offline	32 exe RemcosRAT	zbetcheckin
2023-03-06 13:05:06	http://109.206.240.64/KJH.exe	Offline	exe RemcosRAT	abuse_ch
2023-02-23 12:01:05	http://109.206.240.64/EBB.exe	Offline	exe RemcosRAT	abuse_ch
2023-02-22 13:12:05	http://109.206.240.64/EFD.exe	Offline	exe rat RemcosRAT	abuse_ch
2023-02-19 10:52:06	http://109.206.240.64/EGF.exe	Offline	32 exe RemcosRAT	zbetcheckin
2023-02-19 04:30:08	http://109.206.240.64/APO.exe	Offline	32 exe RemcosRAT	zbetcheckin
2023-02-18 08:22:04	http://109.206.240.64/EEW.exe	Offline	exe rat RemcosRAT	abuse_ch
2023-02-09 05:59:03	http://109.206.240.64/ECM.exe	Offline	32 exe RemcosRAT	zbetcheckin
2023-02-08 00:44:04	http://109.206.240.64/WSS.exe	Offline	32 exe RemcosRAT	zbetcheckin
2023-02-07 14:05:11	http://109.206.240.64/EDD.exe	Offline	remcos RemcosRAT	James_inthe_box

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2023-06-24 05:29:04	9f3dc121257e3bd4b56bf2c7049ef407797edb49c61535c51d02633449ea7062	exe	RemcosRAT
2023-06-22 17:53:05	96d0e0ce143a111a6397f64921057909cc901faa60a534a4506e52cf23eaf960	unknown
2023-06-22 17:53:05	2e6966b104408c05f9774340dc520b201ba9b28777ca765d6ed36c32c289e528	unknown
2023-06-19 13:21:04	a2bc07beb239b5aeec5037cfa95a781675cb00ff9495bfc2af439a15b3ec518b	exe	GuLoader
2023-06-15 07:27:07	b74c51347805f19c08c0d2a1c5c5430974e486f07022be7b3bf37c43ab32d79c	unknown
2023-06-15 07:27:07	3b62b95bf04a9bbb87014a8cca687a71b43280ebf374cc368506b80ed20a99b6	unknown
2023-06-15 05:08:04	9d631f6dbf464b2cd73809ebbc09805e8ccc0fdb485b3c06fbbe6ea34a8305c0	exe	GuLoader
2023-06-15 04:27:07	a6054541b371277854294a9db3aa1673097da435ab73c4cd70f5c794d648d741	exe	GuLoader
2023-06-01 17:50:08	e224c2c5cc744249849a02dc80b8f3b54e68b867df6919675d32195c71fd2e23	unknown	RemcosRAT
2023-04-22 01:22:04	25ffd09183736426c73f73d36565cc56fd6caa83afe96970ae44e9193d07082d	exe	RemcosRAT
2023-04-22 01:22:04	4143a027af3c078d252c462f6101cc1b4b849402280371d9279e6fa62ee6cf75	exe	RemcosRAT
2023-04-21 14:10:06	6f1139be8e2ae99d7398944c54189176b51dee180a655c35d2bd109a9c35d76c	exe	RemcosRAT
2023-04-20 18:29:44	e0847030fbefcdfb72e7de696809737dac3a8db49cfa63aa740210d7c036c409	exe	RemcosRAT
2023-03-14 01:03:26	2b1a8d837347697bfbe79109000401d85da1bb731bd2c5a01f7f0329c53e2810	exe
2023-03-13 09:16:44	8529ffc78e76079766b2fc5fb8cb434cb13df50e90b3489987dd0bb752d01cc6	exe
2023-03-13 09:10:20	5a860ab04dca7279d01aa05cb760b562feb7b846f17bec110f0bd1d8cecc28bc	exe
2023-03-07 01:32:05	af9f2d56bf530f612c18e4a21f654aa8b5be48ad80a92c770699791907d95b55	exe	RemcosRAT
2023-03-06 13:05:06	d413604ffcd2897d729fd0079881b7b4a0dbd3d9d5869a97d7ec76713a12739c	exe	RemcosRAT
2023-02-23 12:01:05	860ddead6961e24905683ff61ff9509d0915e7a549f7a6a551335c1c310f042d	exe	RemcosRAT
2023-02-22 13:12:05	a0f9bf1fbef46bdde666fa0f4766e435e115c4bfbb719628ad0c0b5482f2844e	exe	RemcosRAT
2023-02-19 10:52:06	1b4d235aced111b0b5d006621b593374a4f0943ab92a3e48efa62733104802f7	exe	RemcosRAT
2023-02-19 04:30:08	f7298d0fd7a37ec9a02c0ea92c682f5778c8624b0093f51130096a8309f13d83	exe	RemcosRAT
2023-02-18 08:22:04	86bb64e08b20481ab19b601f30c7ce1800b3cfeb61d66d0bbe2fa799206010f1	exe	RemcosRAT
2023-02-09 05:59:03	1ec10be5e16b3bf64560b88f44d02a4bd759e6f7d19f1bdfc6aa8ad2015371ab	exe	RemcosRAT
2023-02-08 00:44:04	8f35ae02b5ba88554c9d41fb1cd9aaa916a8136fa8d442dcc894ac46f593d7c0	exe	RemcosRAT
2023-02-07 14:05:05	2d22ca8b9903fccf7e1408139e3241b9af152065ec3810ba1166d2f6b1597ef1	exe	RemcosRAT