URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	158.94.208.168
Firstseen:	2026-03-22 17:45:06 UTC
Total malware sites :	24
Online malware sites :	20 (83%)
Offline Malware sites :	4 (17%)
Newest active malware site :	2026-03-23 06:35:14 UTC
Oldest active malware site :	2026-03-22 17:45:08 UTC (Age: 13 hours, 9 minutes)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2026-03-22 17:45:08	158.94.208.168		SBL686264	AS202412 OMEGATECH-AS	DE	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2026-03-23 06:35:14	http://158.94.208.168/files/1032264266/l8iybfv.exe	Online	c2-monitor-auto dropped-by-amadey rustystealer	c2hunter
2026-03-23 01:43:07	http://158.94.208.168/files/8012574236/ZMxUkZd.exe	Online	dropped-by-amadey fbf543 njRAT	Bitsight
2026-03-22 21:30:11	http://158.94.208.168/files/1103068177/8WTjrO1.exe	Online	c2-monitor-auto dropped-by-amadey	c2hunter
2026-03-22 18:06:04	http://158.94.208.168/files/7268244560/PHl2Bgd.exe	Offline	c2-monitor-auto dropped-by-amadey	c2hunter
2026-03-22 18:03:07	http://158.94.208.168/files/7850695435/gpaMBVQ.msi	Online	c2-monitor-auto dropped-by-amadey EternalRocks	c2hunter
2026-03-22 18:03:07	http://158.94.208.168/files/7341834371/BgAtGH0.exe	Online	c2-monitor-auto dropped-by-amadey Stealc	c2hunter
2026-03-22 18:03:06	http://158.94.208.168/files/7453936223/KAQ8PQ5.exe	Online	c2-monitor-auto dropped-by-amadey Vidar	c2hunter
2026-03-22 18:03:05	http://158.94.208.168/files/7782139129/1fz7hzL.bat	Offline	c2-monitor-auto dropped-by-amadey	c2hunter
2026-03-22 18:01:05	http://158.94.208.168/files/5900855435/eNLe4nm.exe	Online	dropped-by-amadey fbf543 Vidar	Bitsight
2026-03-22 18:00:08	http://158.94.208.168/files/8036065901/ggGms6j.exe	Online	c2-monitor-auto dropped-by-amadey OffLoader	c2hunter
2026-03-22 18:00:06	http://158.94.208.168/files/7535437325/hyYzXsC.bat	Offline	c2-monitor-auto dropped-by-amadey	c2hunter
2026-03-22 18:00:06	http://158.94.208.168/files/8531638373/QWFfVk7.exe	Online	c2-monitor-auto dropped-by-amadey Vidar	c2hunter
2026-03-22 17:59:11	http://158.94.208.168/files/7782139129/S6xWuZ1.exe	Online	c2-monitor-auto dropped-by-amadey Vidar	c2hunter
2026-03-22 17:59:06	http://158.94.208.168/files/7782139129/ZSZfFtn.exe	Offline	c2-monitor-auto dropped-by-amadey SalatStealer	c2hunter
2026-03-22 17:59:06	http://158.94.208.168/files/8574065846/HPlEReH.exe	Online	dropped-by-amadey fbf543 Vidar	Bitsight
2026-03-22 17:59:06	http://158.94.208.168/files/8717422379/VMa1dJb.exe	Online	dropped-by-amadey fbf543	Bitsight
2026-03-22 17:58:06	http://158.94.208.168/files/5848981546/hRw1yLa.exe	Online	c2-monitor-auto dropped-by-amadey Smoke Loader	c2hunter
2026-03-22 17:58:06	http://158.94.208.168/files/8434554557/X8cqVrA.exe	Online	c2-monitor-auto dropped-by-amadey rustystealer Vidar	c2hunter
2026-03-22 17:52:09	http://158.94.208.168/files/neo/random.exe	Online	c2-monitor-auto dropped-by-amadey	c2hunter
2026-03-22 17:51:04	http://158.94.208.168/test/random.exe	Online	c2-monitor-auto dropped-by-amadey	c2hunter
2026-03-22 17:50:07	http://158.94.208.168/final/random.exe	Online	c2-monitor-auto dropped-by-amadey NirCmd	c2hunter
2026-03-22 17:50:06	http://158.94.208.168/files/unique5/random.exe	Online	dropped-by-amadey fbf543 Vidar	Bitsight
2026-03-22 17:50:06	http://158.94.208.168/files/gop/random.exe	Online	c2-monitor-auto dropped-by-amadey Vidar	c2hunter
2026-03-22 17:45:08	http://158.94.208.168/vidar/random.exe	Online	c2-monitor-auto connectwise dropped-by-amadey Vidar	c2hunter

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2026-03-23 06:39:25	8973953da22ae576d3391b47b7b117c8cb833a34970699561594cca7e8b2797a	exe
2026-03-23 06:35:14	691c051d878de73423b43e45c09d5935879cb9c5234d9ec9ebfcd2b091a6c387	exe	RustyStealer
2026-03-23 06:33:55	0257f7a632a3f3e167eb208b7a9c582d849735263092d94fe3b12e9e673ab8ba	exe	Vidar
2026-03-23 04:07:13	e87e5ca94e55ddc0e3d98d17384ecf273780e423c65933b7d8fcb35d3414ca4a	exe
2026-03-23 03:10:03	679e5732eabf7d38ade383b543dbeca330503d26d40609132e34706ff4dcb3ef	exe	njrat
2026-03-23 03:04:31	cb1ae636d14106d5558c5eee0c4a87ba4f9863a8112a75c5714dfe2ed28d0140	exe	RustyStealer
2026-03-23 02:57:28	8428d2db1f70caaa79934f30068fb4eddd4874ca5702ad53c5c8c12c46513f24	exe
2026-03-23 01:43:07	3363d6303e76b785f58f2a2f3366af0a0094f742aed46448a3f3a97b300c404e	exe	njrat
2026-03-22 21:56:38	844aa9ac5bd2d5d9517dd7a8fd06f3dbc32a794a3f0973da94c6436764503fd7	exe	Vidar
2026-03-22 21:52:12	7e1d19ec4a39f4050f2fb64c9a633f68827fa4896827ac85cffc6ee6c5814fb7	exe	Vidar
2026-03-22 21:30:11	582d90287db6ab528ac342c7e3d77f5272132c28f62b248d4d0c6f85421fa8b1	exe
2026-03-22 21:13:04	388438dc99adfc89ff8585d4214339c33a9ee07c57881892ff670e04e2b0e1ad	exe	NirCmd
2026-03-22 20:42:55	924403dd6074e9fbd71add4248f738912f4b499e271be6c03d759f70f80aae13	exe
2026-03-22 18:03:07	de6a89934b09b3a090a3e742e4375b366a56a9b3ad12d5112be2b56c3124ceb5	msi	EternalRocks
2026-03-22 18:03:07	764adefbf141f0d492793bc9eb509864fffce59611f20592d905e554ed67ee74	exe	Stealc
2026-03-22 18:03:06	a6edec8bb8a1de71eff27deecd7aae78ef4514dc8e2ed3dd83aeaf25a7e4a188	exe	Vidar
2026-03-22 18:01:05	af441c0683f07249f0a9a6e88aff3dd58e8c7597624a2719aa553464f8aaa960	exe	Vidar
2026-03-22 18:00:08	ab5a5aa399949370a99cfc953d9e93a11c7a5c16623f9ce3b94da126e3c9bd49	exe	OffLoader
2026-03-22 18:00:06	99778434fa47a2264a4db4046c012289646d256b5b5373c88727c5a935f2e679	bat
2026-03-22 18:00:06	5ae30eecdfb95d98cf238ff69b392cb36d1d3fb09481d79fa92c69dad48a0df0	exe	Vidar
2026-03-22 17:59:11	d6004a74d6a6a13bf680141e01999eb3635ebbacd50fa36d734fe3396afbe8e2	exe	Vidar
2026-03-22 17:59:06	cff753b684ed47012476d3cd6e5341b863baa66077371bfd8c5e47413fcfe255	exe	Vidar
2026-03-22 17:59:06	db6381cb9c7713c1b142fa6013d85c84e8121917036131e707488f1dc1111f2e	exe	SalatStealer
2026-03-22 17:59:05	1588e28cc6363ba74f755ac49d2f66572d279b43ce8449b49f934aa98523f382	exe
2026-03-22 17:58:06	af3330efee44beca6246b042b64de26010971c71a4c551cf806a3d7856079c5f	exe	Smoke Loader
2026-03-22 17:58:06	03f44dd98bf2c2a9fa5f683f061f2bd0b35d0326c61b71496299848e91edd612	exe	Vidar
2026-03-22 17:52:09	495289174bc60415fa365c6df143d1da3a88f4992abce76d5e6e83e941e46b67	exe
2026-03-22 17:51:04	50c063208801f6250ad0984212bbff667fa4b979b5443a639b24bc5bbdce0b5d	exe
2026-03-22 17:50:07	db9b43a0679f88c51197af4a266a1fa8d0a853a654b33139979953c9f11ad6c1	exe	NirCmd
2026-03-22 17:50:06	f763b7475ff730f4e836dca3b934e9888c73cb5eb7047b3644c00370a72182f8	exe	Vidar
2026-03-22 17:50:05	c4ad2d2df36d58cd27d9d0525aa82b8ab46c9f1d453db1e4d032cbfe9a489106	exe	Vidar
2026-03-22 17:45:08	302e42beb59e7f9e5695e97fc188cdbef735cdee5f3c44f080e5e52d6e2df995	exe	ConnectWise