URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 155.94.142.170
Firstseen:2021-09-24 18:50:03 UTC
Total malware sites :7
Online malware sites :0 (0%)
Offline Malware sites :7 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2021-09-24 18:50:05 155.94.142.170155.94.142.170.static.greencloudvps.comNot listedAS36352 AS-COLOCROSSING- USyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2021-10-04 09:35:05http://155.94.142.170/covid/bin%20old.exeOfflineexe Formbook ext opendir abuse_ch
2021-10-04 09:35:04http://155.94.142.170/covid/file%2040.exeOfflineexe Loki ext opendir abuse_ch
2021-10-04 09:35:04http://155.94.142.170/covid/file%2020.exeOfflineexe Loki ext opendir abuse_ch
2021-10-04 09:34:06http://155.94.142.170/covid/bin.exeOfflineexe Formbook ext NanoCore ext opendir rat abuse_ch
2021-09-27 14:15:06http://155.94.142.170/covid/file.exeOfflineexe Formbook ext Loki ext NanoCore ext rat abuse_ch
2021-09-24 19:55:05http://155.94.142.170/covid/new.exeOffline32 exe Loki ext NanoCore ext zbetcheckin
2021-09-24 18:50:05http://155.94.142.170/covid/me.exeOfflineexe Loki ext NanoCore ext abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2021-10-04 10:05:448f7fa187226287ba3a8858e75b00b021022fbfbc8f1f7ae01557cf692510fe00exeFormbook
2021-10-04 09:35:058f7fa187226287ba3a8858e75b00b021022fbfbc8f1f7ae01557cf692510fe00exeFormbook
2021-10-04 09:35:0462c310a9aeec64bf3864411e0ea2edfdddbacb340626e7d808615ec35ec14d39exeLoki
2021-10-04 09:35:0438808b0c27c49a59ba6d0abf74102335bf7cc28539cd5732034d06d0911eeef0exeLoki
2021-10-04 09:34:061eb67ff1a8f16725e58ab95f31a3302f55196e10ba9bcde26960e87aea921c6bexeNanoCore
2021-10-04 07:02:211eb67ff1a8f16725e58ab95f31a3302f55196e10ba9bcde26960e87aea921c6bexeNanoCore
2021-10-04 06:51:2138808b0c27c49a59ba6d0abf74102335bf7cc28539cd5732034d06d0911eeef0exeLoki
2021-10-04 06:03:138f7fa187226287ba3a8858e75b00b021022fbfbc8f1f7ae01557cf692510fe00exeFormbook
2021-10-04 05:29:1962c310a9aeec64bf3864411e0ea2edfdddbacb340626e7d808615ec35ec14d39exeLoki
2021-09-28 07:12:44d0ecbdd58eb20d1490dff0164d6a7ea8d16e75f4e6faeb1af3ded350386bba0cexeNanoCore
2021-09-28 07:09:33d0ecbdd58eb20d1490dff0164d6a7ea8d16e75f4e6faeb1af3ded350386bba0cexeNanoCore
2021-09-28 07:07:02d0ecbdd58eb20d1490dff0164d6a7ea8d16e75f4e6faeb1af3ded350386bba0cexeNanoCore
2021-09-28 06:55:327615d4e29141a24ca4434b8a0ef5f4ee4ca29c1acc6702d1128a34f9ca8b88f6exeLoki
2021-09-28 05:25:022db7563569db715f84080ae55eebbf11387b73145867fe46b02f1be729a2293eexeNanoCore
2021-09-28 05:25:012db7563569db715f84080ae55eebbf11387b73145867fe46b02f1be729a2293eexeNanoCore
2021-09-28 05:24:412db7563569db715f84080ae55eebbf11387b73145867fe46b02f1be729a2293eexeNanoCore
2021-09-27 21:11:4890d4ace5ed0df3f9b7838ecd3e7dc4fdd0aa65425f4f7201c6cad5fb0bcc41a8exeNanoCore
2021-09-27 16:17:0090d4ace5ed0df3f9b7838ecd3e7dc4fdd0aa65425f4f7201c6cad5fb0bcc41a8exeNanoCore
2021-09-27 14:15:0690d4ace5ed0df3f9b7838ecd3e7dc4fdd0aa65425f4f7201c6cad5fb0bcc41a8exeNanoCore
2021-09-24 19:55:05dcaffe4997218aeafdc4f8186880753b4018088c8d3ea373783c5c790ed0ce24exeLoki
2021-09-24 18:50:05dcaffe4997218aeafdc4f8186880753b4018088c8d3ea373783c5c790ed0ce24exeLoki