URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	156.245.13.61
Firstseen:	2024-04-29 10:51:03 UTC
Total malware sites :	6
Online malware sites :	0 (0%)
Offline Malware sites :	6 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-04-29 11:15:25	http://156.245.13.61:8000/read1y.apk	Offline	opendir SpyNote	abus3reports
2024-04-29 11:05:28	http://156.245.13.61:8000/ready.apk	Offline	opendir SpyNote	abus3reports
2024-04-29 10:55:33	http://156.245.13.61:8000/8443nobeacon	Offline	opendir Sliver sliverc2	abus3reports
2024-04-29 10:55:32	http://156.245.13.61:8000/8443beacon	Offline	opendir Sliver sliverc2	abus3reports
2024-04-29 10:55:07	http://156.245.13.61:8000/windowsVirus.exe	Offline	exe opendir Sliver sliverc2	abus3reports
2024-04-29 10:51:37	http://156.245.13.61:8000/replacePara.exe	Offline	backdoor Cobalt strike CobaltStrike opendir sliverc2	abus3reports

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2024-06-01 12:29:36	dcf7e926dbdc8773107b7638ce1b5241d072dcf513a97be9927630dc417a012c	zip
2024-05-30 12:50:37	5c54c4a566054a18ff6acdd5e1318447d930819993c1869ac31076ff0dc7c5b1	elf
2024-05-29 14:00:20	36902dfc02244bcea4027f918739288203d2024f26a9e5724effdb31b9a56f02	exe	Sliver
2024-05-29 12:24:29	9f0ebadf640de50538ac962452361b03712882cf92e438609f187945753a87c4	exe	Sliver
2024-05-27 05:44:22	4f4edca2de6a9122c5c69cf25a536e461b0e081078c5e33f7354e098f83bb7cb	zip
2024-05-27 04:11:29	1e54d0154051338706e7af9a35ae4bd9ad1f2cfd43d40316361a61cc5959c852	zip
2024-05-26 14:08:29	f8f8934e8efbb4bfadf63ac84038269c825a4845cc93c2b6daadc53b9ac94531	elf
2024-05-26 14:08:10	01c3cbd453a8353816fdefd8c19a8a9dcf4ef546428ac569832e40b5a6ba7569	exe	Sliver
2024-05-24 12:46:07	ce6afae44d23dbd8577cb9afa300a643ab05130f3d5bb9001cddeaeb197a82c1	elf
2024-05-24 12:43:51	eb9ade77e32ae086e784b5424286008a7524f71032578d1602e461682a33f127	elf
2024-05-24 12:43:48	61d78245c068bc626e0cc7b0bd5140c50eef8504f98db4813e539ccc5e44017a	elf
2024-05-23 07:05:16	2e9d05f02ac8c341a1d499dbd8585f6e82a071d81e2da226b244eb2da5645253	zip
2024-05-22 06:50:18	bb1cbb9ada1c291100ab04ff7cbda0840efe456d90e8c585cf6d935018e274d7	zip
2024-04-29 13:19:22	7f51e086ad58edea69aa17742eaf7dc2e92816213449789c5cf64dc765a045c3	zip
2024-04-29 12:37:50	def4991abb346723efb1251f672d1c9babea5baf62a60fe5d4d79d78b52de529	zip
2024-04-29 10:55:33	82e7dd63f21d794e5925d309ca68adfad60895e89977cffe80d261884220a9c2	elf
2024-04-29 10:55:32	280adbca100331a581e310157a6f9f2e723ad6785b5ac3c764f8bd9ee9a0defc	elf
2024-04-29 10:55:07	6853dcea12edeb1629297d5c86b7ef4cf8945421059fe3675615614a6cb6430d	exe	Sliver
2024-04-29 10:51:32	c401c57365e57f1bc8d84f3e42685792b6fa6f55e91bbfdca1b170b64299efbe	exe	Cobalt Strike