URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	154.12.36.162
Firstseen:	2024-09-26 10:58:04 UTC
Total malware sites :	22
Online malware sites :	0 (0%)
Offline Malware sites :	22 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2024-09-26 10:58:12	154.12.36.162		Not listed	AS35251 ANTI-DDOS	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-09-26 11:21:27	http://154.12.36.162/top/TOP_2.4.6JK.exe	Offline	exe opendir	NDA0E
2024-09-26 11:21:27	http://154.12.36.162/ZZBX/LDvar.exe	Offline	BlackMoon exe opendir	NDA0E
2024-09-26 11:21:27	http://154.12.36.162/BOT/LDvar.exe	Offline	BlackMoon exe opendir	NDA0E
2024-09-26 11:21:27	http://154.12.36.162/LDBX/LDvar.exe	Offline	BlackMoon exe opendir	NDA0E
2024-09-26 11:21:26	http://154.12.36.162/BOT2/LDvar.exe	Offline	BlackMoon exe opendir	NDA0E
2024-09-26 11:21:26	http://154.12.36.162/danban2/cod19-danbanJK1.3....	Offline	exe opendir	NDA0E
2024-09-26 11:21:25	http://154.12.36.162/top/TOP_2.4.9JK.exe	Offline	exe opendir	NDA0E
2024-09-26 11:21:25	http://154.12.36.162/3.exe	Offline	BlackMoon exe opendir	NDA0E
2024-09-26 11:21:24	http://154.12.36.162/top/TOP_2.4.6.vmp.exe	Offline	exe opendir	NDA0E
2024-09-26 11:21:22	http://154.12.36.162/danban2/cod19-danban12.vmp...	Offline	exe opendir	NDA0E
2024-09-26 11:21:19	http://154.12.36.162/top/TOP_2.5.0.vmp.exe	Offline	exe opendir	NDA0E
2024-09-26 11:21:19	http://154.12.36.162/top/TOP_2.4.7JK.exe	Offline	exe opendir	NDA0E
2024-09-26 11:15:13	http://154.12.36.162/com/%E6%88%98%E5%8C%BA2.0%...	Offline	BlackMoon exe opendir	NDA0E
2024-09-26 11:07:15	http://154.12.36.162/ZZ/LDvar.exe	Offline	BlackMoon exe opendir	NDA0E
2024-09-26 11:07:15	http://154.12.36.162/top/TOP_2.6.5.vmp.exe	Offline	exe opendir	NDA0E
2024-09-26 11:07:15	http://154.12.36.162/1.5.4danban.exe	Offline	BlackMoon exe opendir	NDA0E
2024-09-26 11:07:15	http://154.12.36.162/top/TOP_2.5.9.vmp.exe	Offline	exe opendir	NDA0E
2024-09-26 11:07:14	http://154.12.36.162/top19/2.3.1JK.exe	Offline	exe opendir	NDA0E
2024-09-26 11:07:13	http://154.12.36.162/top/top..2.5.6.exe	Offline	exe opendir	NDA0E
2024-09-26 10:59:14	http://154.12.36.162/top/TOP_2.5.1.vmp.exe	Offline	exe opendir RaccoonStealer	NDA0E
2024-09-26 10:59:09	http://154.12.36.162/top19/TOP_2.4.6.vmp.exe	Offline	exe opendir	NDA0E
2024-09-26 10:58:12	http://154.12.36.162/2.exe	Offline	BlackMoon exe opendir	abus3reports

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2024-09-28 05:52:53	e2f9fc35170dd5231af1e87e9cae4172eeb2d0f4909102a4c0aa55010ad2edde	exe
2024-09-28 04:15:26	51d99928c94fa7e62091c7f7576c7870afee6e4f71d410cd733c4cd006ce88a2	exe
2024-09-28 01:11:40	ce3cb7a4377fcc1babaea2a319278855aef9e6c14b5bafc27434dd3362087285	exe
2024-09-27 07:11:41	c0dbf5ebc56f838e6d08a1cfe708c798ac1a4a733dea5a97ce4699a4f2359bcd	exe
2024-09-26 11:21:27	f9e7897cf0bf404909f37fbbb580ad9f8f51d96c6024100496b3f78ac5b110ee	exe
2024-09-26 11:21:27	52b6020774511a3c173f063e05c4baaa6707e3fe353c608507a7cb16316a91f8	exe	Blackmoon
2024-09-26 11:21:27	7b388b3e6e27d3e006fc189261859e95208616ed8074aa9f2a990209f91d5553	exe	Blackmoon
2024-09-26 11:21:27	e778e364feba0c53bec945966d895031e38e67421db6dd8a34bbf2fd44889322	exe	Blackmoon
2024-09-26 11:21:26	97d1edc59b66e32eb0f1f816312fa5d2011f987dfc48c4bc7c07d163fd614db9	exe	Blackmoon
2024-09-26 11:21:26	758865e80e466491006a2aa6797024d9ab40a6c95401a15978313ccf7c0259b0	exe
2024-09-26 11:21:25	d920cafd290216d6917357a9b6d49dc74ecde9b934640fa07f9effea6835fd02	exe
2024-09-26 11:21:25	7d7f580de5a46d90941ed4c7db9ac24e0117a957614324647d6c528b7d2f1833	exe	Blackmoon
2024-09-26 11:21:24	52c9df5e658e920b63e613be0b9c5e055050e7df2847f071755a9a398f6f26dc	exe
2024-09-26 11:21:21	be493fddd2bc9bc6d4e186f4698db3022b811baa47f6552bf6cec03e472069e3	exe
2024-09-26 11:21:19	9841e8a3ba61475059b3fbd843b6f2c61434d068379a3ec62f2ba7d8b50d90f0	exe
2024-09-26 11:21:18	9d69bbabf99f8b1314c349c3b2a2539f650bf037a7e5f296f2a480a18d6e9693	exe
2024-09-26 11:15:13	0d0ba6b9fc8d7d6482b7030628c085775997a3601d7478d45a514c1fceecadac	exe	Blackmoon
2024-09-26 11:07:15	4c841ba8f12650e5075d9498f4708d0e01988e0f8c51b7944cd18edb89dea716	exe	Blackmoon
2024-09-26 11:07:15	da728432619f5a8a841f8216a6cb1e1a696f47b6ee6ef6254ec190a47cb0c0a9	exe
2024-09-26 11:07:15	d4f5c92d2602f114b7269eee1157c290d2f70efca5093f2b5d67cd526eb5f8e8	exe	Blackmoon
2024-09-26 11:07:15	859faf0d54f92d37228f40900fc78a8b0b44402920cc3003b08ba723a5cfc511	exe
2024-09-26 11:07:14	ae43ac56f0b307e1d01274d90fa920cf523bd25178bc0cd5257fcf635c94d036	exe
2024-09-26 11:07:13	90f220c4bed9f3a8212cad0c4e5178fa213a8a234e3899898c429c3f59037490	exe
2024-09-26 10:59:14	ebc484e7c147cff9e8e1ce1e265018119beb72bfec745e379f58197f6efa5159	exe	RaccoonStealer
2024-09-26 10:59:09	95d4d2f3e313169343f3392741b89cc5bd606bec02284ca9bbac2b5ee88aad0b	exe
2024-09-26 10:58:08	538657e0e69a3e37da94646672537f3c7764a81d0b0896c7305f06f799245d92	exe	Blackmoon