URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 136.144.41.61 |
|---|---|
| Firstseen: | 2021-07-20 05:57:02 UTC |
| Total malware sites: | 9 |
| Online malware sites: | 0 (0%) |
| Offline malware sites: | 9 (100%) |
IP addresses
The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2021-07-20 05:57:05 | 136.144.41.61 | | Not listed | AS14178 Megacable_Comunicaciones_de_Mexico_S.A._de_C.V. | MX | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2021-08-18 17:53:04 | http://136.144.41.61/DIM.exe | Offline | exe NanoCore | |
| 2021-07-27 22:27:04 | httP://136.144.41.61/klSsrzxwsbxeJQh.exe | Offline | Formbook | |
| 2021-07-27 15:14:03 | http://136.144.41.61/KLcaCYuAidZMbBJ.exe | Offline | exe Formbook | |
| 2021-07-27 07:57:04 | http://136.144.41.61/MSIuaQz91rPyszO.exe | Offline | exe Formbook | |
| 2021-07-27 07:04:03 | http://136.144.41.61/ordergoz.exe | Offline | 32 exe SnakeKeylogger | |
| 2021-07-26 14:17:05 | http://136.144.41.61/tFmi9yG2EVDHMio.exe | Offline | AgentTesla | |
| 2021-07-20 09:28:04 | http://136.144.41.61/iykemoney.exe | Offline | AgentTesla | |
| 2021-07-20 08:34:03 | http://136.144.41.61/neww.exe | Offline | 32 exe Formbook | |
| 2021-07-20 05:57:05 | http://136.144.41.61/purchase.exe | Offline | exe Loki | |
The table below shows recent payloads delivered by this host.