URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 141.98.6.202
Firstseen:2023-03-31 00:28:03 UTC
Total malware sites :22
Online malware sites :0 (0%)
Offline Malware sites :22 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2023-03-31 00:28:26 141.98.6.202Not listedAS213702 QWINS-LTD- NLyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2023-09-18 11:49:03http://141.98.6.202/3991/TiWorker.exeOfflineAnonymous
2023-09-18 11:49:03http://141.98.6.202/zq/Ebuzyhc.vdfOfflineAnonymous
2023-09-18 11:49:03http://141.98.6.202/zq/TWIT.txtOfflineAnonymous
2023-09-11 09:37:04http://141.98.6.202/win/o0o0o0ooio0oio0io0i0oOI...OfflineAnonymous
2023-09-11 09:00:10http://141.98.6.202/win/update/WUDFHost.txtOfflineRemcosRAT ext Anonymous
2023-09-11 09:00:09http://141.98.6.202/1211/WUDFHost.exeOfflineRemcosRAT ext Anonymous
2023-09-11 09:00:08http://141.98.6.202/win/Inajmllbw.datOfflineAnonymous
2023-09-11 09:00:07http://141.98.6.202/win/windows/WUDFHost.htaOfflineAnonymous
2023-09-08 15:51:10http://141.98.6.202/windows/wind/IE_Cache.vbsOfflineAnonymous
2023-09-08 15:51:07http://141.98.6.202/windows/wind/0O0O0O0o0O0O0O...OfflineAnonymous
2023-09-08 15:51:06http://141.98.6.202/windows/wind/IGCCU.lnkOfflineAnonymous
2023-03-31 00:28:27http://141.98.6.202/arm7Offlineelf mirai ext r3dbU7z
2023-03-31 00:28:27http://141.98.6.202/arm6Offlineelf mirai ext r3dbU7z
2023-03-31 00:28:27http://141.98.6.202/m68kOfflineelf mirai ext r3dbU7z
2023-03-31 00:28:27http://141.98.6.202/sh4Offlineelf mirai ext r3dbU7z
2023-03-31 00:28:27http://141.98.6.202/mpslOfflineelf mirai ext r3dbU7z
2023-03-31 00:28:26http://141.98.6.202/arm5Offlineelf mirai ext r3dbU7z
2023-03-31 00:28:26http://141.98.6.202/armOfflineelf mirai ext r3dbU7z
2023-03-31 00:28:26http://141.98.6.202/spcOfflineelf mirai ext r3dbU7z
2023-03-31 00:28:26http://141.98.6.202/x86Offlineelf mirai ext r3dbU7z
2023-03-31 00:28:26http://141.98.6.202/ppcOfflineelf mirai ext r3dbU7z
2023-03-31 00:28:26http://141.98.6.202/mipsOfflineelf mirai ext r3dbU7z

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2023-09-11 09:37:04563644b271bf99a4995e5badd283ecb86446bdfc19806c83742303c04f195277unknown  
2023-09-11 09:00:10f132ec32d7b9ec4a11374f7334b69c1a2736bdb3601744fbf9378c2a86485f6ctxt RemcosRAT
2023-09-11 09:00:09b96df82e2a9e14b2854a68e6645598e494aa818801a18384f2d81a2ff514824eexeRemcosRAT
2023-09-11 09:00:08862a09736581458719aaf604416ce65a412d643f5c352b94d503389a20c8bb69unknown  
2023-09-08 15:51:09caa5405f654d266e079f1cda1e3c8e9c05fddb7264da52a8dbc43648a832a455unknown  
2023-09-08 15:51:07a31dc91e14854fc3db2932f20902a107ddc649b571a6c6637c6abd91e5530f56unknown  
2023-09-08 15:51:06e6769ee560ac9eedfe733cad900a2686dcff76752e789341949f18741dd7ac80lnk  
2023-03-31 00:28:22ea8c1ae2a9889bb9c8bff0a2cbb3a165ab119aca662bb6fc8981330bdd9315e7elfMirai
2023-03-31 00:28:22a159bb910f2784f939753c60265ea1706094af806c4ca84d7cb94036c73808cbelfMirai
2023-03-31 00:28:215bd85b7e8a6bb58c62f9509265f29b9810e4b3639631944313706ee04556898belfMirai
2023-03-31 00:28:21a9049fb66a020fd647086130c3831cf83fe05c1a346fb681d99e9ab79da9e7e8elfMirai
2023-03-31 00:28:2164a48afc35d5751bd47b9ff857d476ed910767d8392e4d636a46c7d378702d45elfMirai
2023-03-31 00:28:212e4c8bd9749d83bdd807cc0185e5e9a5638a9c827b6da67effe66fda367ec148elfMirai
2023-03-31 00:28:2162d1be9316dbe916fd20e18faa2d037d8d0f4b100fa3f223a4cd2229db12e160elfMirai
2023-03-31 00:28:212397d60d285cdd24d49320216be11d84f97562b7631c65eedacb96bf5d9bf9b3elfMirai
2023-03-31 00:28:21eb31a502fc534996e3480985311d37ab56fd08cbc34bb7472785cc60ca575218elfMirai
2023-03-31 00:28:219f79a45cf50a65adcc944c21ad71d7c35f3931a02e9de031b5c29aac12554f31elfMirai
2023-03-31 00:28:20e555f774c27ade593b1cbd082acd386c5667a2fe60c01fdb02b9ceaa50493965elfMirai