URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: 136.144.41.14
Firstseen: 2021-07-13 09:40:03 UTC
Total malware sites: 14
Online malware sites: 0 (0%)
Offline malware sites: 14 (100%)

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active?
2021-07-13 09:40:04 | 136.144.41.14 | | Not listed | AS14178 Megacable_Comunicaciones_de_Mexico_S.A._de_C.V. | MX | yes

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC) | URL | Status | Tags | Reporter
2021-07-15 09:51:04 | http://136.144.41.14/so/nv.exe | Offline | 32 AZORult ext exe | zbetcheckin
2021-07-15 09:51:04 | http://136.144.41.14/so/zxx.exe | Offline | 32 exe Formbook ext | zbetcheckin
2021-07-14 16:53:03 | http://136.144.41.14/so/cas.exe | Offline | 32 exe Formbook ext | zbetcheckin
2021-07-14 16:49:03 | http://136.144.41.14/so/va.exe | Offline | 32 exe Formbook ext | zbetcheckin
2021-07-14 16:48:03 | http://136.144.41.14/so/kn.exe | Offline | 32 exe Formbook ext | zbetcheckin
2021-07-14 16:48:03 | http://136.144.41.14/so/ee.exe | Offline | 32 exe Formbook ext njRAT ext | zbetcheckin
2021-07-14 16:36:04 | http://136.144.41.14/so/sam.exe | Offline | 32 exe Formbook ext | zbetcheckin
2021-07-14 16:36:04 | http://136.144.41.14/so/nn.exe | Offline | 32 exe Loki ext | zbetcheckin
2021-07-13 12:48:04 | http://136.144.41.14/so/f.exe | Offline | exe Loki ext opendir | abuse_ch
2021-07-13 12:48:04 | http://136.144.41.14/so/o.exe | Offline | exe opendir | abuse_ch
2021-07-13 09:52:04 | http://136.144.41.14/so/k.exe | Offline | 32 exe Formbook ext | zbetcheckin
2021-07-13 09:48:03 | http://136.144.41.14/so/s.exe | Offline | 32 exe Formbook ext | zbetcheckin
2021-07-13 09:48:03 | http://136.144.41.14/so/v.exe | Offline | 32 exe Formbook ext | zbetcheckin
2021-07-13 09:40:04 | http://136.144.41.14/so/e.exe | Offline | 32 exe Formbook ext | zbetcheckin

The table below shows recent payloads delivered by this host.
