URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	124.220.35.63
Firstseen:	2023-03-07 08:03:03 UTC
Total malware sites :	16
Online malware sites :	0 (0%)
Offline Malware sites :	16 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-03-07 08:03:15	124.220.35.63		Not listed	AS45090 TENCENT-NET-AP	CN	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-04-01 04:55:08	http://124.220.35.63/666.exe	Offline	32 exe Gh0stRAT	zbetcheckin
2023-03-31 16:04:00	http://124.220.35.63/110.exe	Offline	exe Gh0stRAT sality	abuse_ch
2023-03-31 15:56:05	http://124.220.35.63/bwj.exe	Offline	exe	abuse_ch
2023-03-31 15:55:23	http://124.220.35.63/380.exe	Offline	exe Gh0stRAT	abuse_ch
2023-03-20 08:57:05	http://124.220.35.63/laoxiang.exe	Offline	exe	abuse_ch
2023-03-14 07:52:29	http://124.220.35.63/xinxin.exe	Offline	32 exe Gh0stRAT sality	zbetcheckin
2023-03-14 06:13:10	http://124.220.35.63/669.exe	Offline	32 exe Gh0stRAT	zbetcheckin
2023-03-14 06:13:10	http://124.220.35.63/niubi.exe	Offline	32 exe Gh0stRAT	zbetcheckin
2023-03-14 05:20:10	http://124.220.35.63/9666.exe	Offline	32 exe Gh0stRAT	zbetcheckin
2023-03-14 04:41:13	http://124.220.35.63/103.exe	Offline	32 exe Gh0stRAT	zbetcheckin
2023-03-07 08:15:47	http://124.220.35.63/wait1.exe	Offline	Gh0stRAT	JAMESWT_MHT
2023-03-07 08:15:23	http://124.220.35.63/KKSEZ1.exe	Offline	Gh0stRAT	JAMESWT_MHT
2023-03-07 08:15:20	http://124.220.35.63/diyige.exe	Offline	Gh0stRAT younglotus	JAMESWT_MHT
2023-03-07 08:15:19	http://124.220.35.63/zckop.exe	Offline	younglotus	JAMESWT_MHT
2023-03-07 08:15:16	http://124.220.35.63/358.exe	Offline	younglotus	JAMESWT_MHT
2023-03-07 08:03:15	http://124.220.35.63/zmp2.exe	Offline	younglotus	JAMESWT_MHT

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2023-04-12 07:56:12	197b9147b1d40aefd4f75d394a04520d2873e9df42a5782df7df31a88c2ae150	exe	Sality
2023-04-11 13:02:27	4d11a73e4036a2ed5e797908a3fb3bd59e523b18c6afc41d2b56e2dc213de186	exe
2023-04-11 01:20:14	20ad1e6af5c86cb19ced3387f0a7928d98d5b62537d525d1a63e3ecd4a039bba	exe	Sality
2023-04-03 18:06:01	012e401eb5eb74c9aa7d2a3d6bd6a3d367786385280c2f705a85263b8f261c67	exe	Gh0stRAT
2023-04-03 13:21:40	9b75ee52e914ccdaf0afa4890860bd298da7888a521808bdcacf4e73044a3c43	exe
2023-04-03 12:51:36	d4b3679a4242f7aaaebeb673fdbd9f5f4bce891d93fc64b22c55bd9861ba55f4	exe	Gh0stRAT
2023-04-03 07:42:42	1c2ac0a191ff07118f25672a65b705cdeecb78538b2be9b412043d499176f2b6	exe
2023-04-03 04:56:40	458990c9dfdd1d3c1876b71542fccb804cb238e1835a072f29f655543019ad7f	exe
2023-04-03 03:57:56	dc4f203ee5df59eb9a271b10623df67daeadec8e43dcc12daa8a6fa0b4f1606b	exe
2023-04-03 01:25:46	3d13ba2eeb19538cf0631877390631a0d02a7add98c9d37782ca89e9bf7305d1	exe
2023-04-02 21:36:22	e376d08055ae263ba060949eba2718d2023a80c16de49471ad3d2d87a124ed50	exe
2023-04-02 18:16:40	35a0b8e272e38ffe26e3b8d75a231dcee86e1ea1b53848a5584783ee4db30236	exe
2023-04-02 11:05:32	005bff91c7c3ca88fc794d00d4882a634276c85b506679624b3b51a6a1aec6d1	exe
2023-04-01 14:46:57	a72ed711b79d16693eb00366d850efd707d1ca01abdc1c2fae072b7b67440f0b	exe
2023-04-01 08:36:02	9454a53dcc4fc62ef06c8ea76043057fa4e688f8d2208d837bad89f2374069ce	exe
2023-04-01 04:55:08	d8f5ab16727edf68166c9f7973dcf87d3a563fefcb013154ccbd81367677a2cd	exe	Gh0stRAT
2023-03-31 19:58:30	6a267008dc7b95a1bcade4a19072e2df29af9f6bbd372d9e5444540260a10d7a	exe
2023-03-31 16:04:00	20f4b006007defc2e71a4a3bc6ffe0cdbb5ed6f34c4e15e95d85a7cb60a76286	exe	Gh0stRAT
2023-03-31 15:56:05	37a5d7960b09d3f0ec4c8d39203ce285a9ced3c70c3e3fbd5c6f3f21678bdec4	exe
2023-03-31 15:55:23	cc68b5edae8acaaf394ae0b92b6199f83630b9d66ba60152f0db0aa849cb0ece	exe	Gh0stRAT
2023-03-20 08:57:05	1ef14f23c1c3fad652b81376340e8882a942b27052f85e96040067fc0ac4cd5a	exe
2023-03-14 07:52:29	d46dbbb40bf11bda9b1aa74d9d2550a73ab0ae6008270c2c541153cd4974a3dd	exe	Gh0stRAT
2023-03-14 06:13:10	4e90491d7bfcb50079a2fc9795b8ae9c4bd9ee5b26913b075ea248f953c6b910	exe	Gh0stRAT
2023-03-14 06:13:10	71a0f84fc97d3ea8ecdc9dc19e058fe994e3cecf826f3db462c4995d8ee6dacb	exe	Gh0stRAT
2023-03-14 05:20:10	7d147fa016e7218fcf60c76d2688a100e83fbb580f3c954d55e08d2c7b0b5a14	exe	Gh0stRAT
2023-03-14 04:41:13	1f3194c5d2f7de0505f5a5a6d219f217cd5526ef7c9f8cd2d163887176572825	exe	Gh0stRAT
2023-03-13 05:33:40	35974873a02e6bb71b7d10a3c280e9bed19f656d094741c991475dab91099620	exe	Gh0stRAT
2023-03-07 08:15:47	a853b17061786737988e904c7cca3c808f5a74ea3bb6d9c624ae71bd08ea40ad	exe	Gh0stRAT
2023-03-07 08:15:23	a8f59998bb89d7563e5dcadd2a7f23b86c8e643203cc921abe3450fe80348a0b	exe	Gh0stRAT
2023-03-07 08:15:19	7fcde90bf1f4e6ec55e94000936f6264264990f16511c5fae5a2faaefd8400f7	exe	YoungLotus
2023-03-07 08:15:19	167a12055852953ff43bda213ecc524fd8af28f6613ffa9225a6c3259e079357	exe	YoungLotus
2023-03-07 08:15:16	6ceb50da4275db929de139517ee96a5617ca2a8dead8db120d4f43a467f2fbf5	exe	YoungLotus
2023-03-07 08:03:09	c5bbffaaa02f6289977ee6ba6f2684953114cebc79f3e3e6aca7ca301a87a117	exe	YoungLotus