URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	158.94.211.222
Firstseen:	2026-03-06 11:40:06 UTC
Total malware sites :	35
Online malware sites :	18 (51%)
Offline Malware sites :	17 (49%)
Newest active malware site :	2026-03-07 08:32:07 UTC
Oldest active malware site :	2026-03-06 11:40:08 UTC (Age: 22 hours, 39 minutes)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2026-03-06 11:40:08	158.94.211.222		SBL686264	AS202412 OMEGATECH-AS	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2026-03-07 08:32:07	http://158.94.211.222/files/8468794285/iBC1OE9.exe	Online	c2-monitor-auto dropped-by-amadey	c2hunter
2026-03-07 07:06:05	http://158.94.211.222/files/unique2/random.exe	Offline	c2-monitor-auto dropped-by-amadey	c2hunter
2026-03-07 05:20:10	http://158.94.211.222/files/8548282130/trP9KGI.exe	Online	dropped-by-amadey fbf543 QuasarRAT	Bitsight
2026-03-07 05:08:12	http://158.94.211.222/files/8548282130/trP9KGI.bat	Offline	c2-monitor-auto dropped-by-amadey	c2hunter
2026-03-07 02:53:09	http://158.94.211.222/files/8468794285/5vroDFE.exe	Online	c2-monitor-auto dropped-by-amadey OffLoader	c2hunter
2026-03-07 00:05:10	http://158.94.211.222/files/6902778688/uxQfUNw.exe	Offline	dropped-by-amadey fbf543 VenomStealer	Bitsight
2026-03-06 21:35:09	http://158.94.211.222/files/1797567872/w6UBu3m.exe	Offline	dropped-by-amadey fbf543	Bitsight
2026-03-06 21:06:09	http://158.94.211.222/files/8733674968/jLZuxmu.exe	Offline	c2-monitor-auto DarkVisionRAT dropped-by-amadey	c2hunter
2026-03-06 17:11:07	http://158.94.211.222/files/2070717540/IPvJTgG.bat	Offline	dropped-by-amadey fbf543	Bitsight
2026-03-06 16:17:06	http://158.94.211.222/files/7044575709/ABbqsJz.exe	Online	dropped-by-amadey fbf543 SalatStealer	Bitsight
2026-03-06 15:33:09	http://158.94.211.222/files/1225117411/Blr3MBe.msi	Offline	c2-monitor-auto connectwise dropped-by-amadey	c2hunter
2026-03-06 15:00:11	http://158.94.211.222/files/7362035837/T3f3JTM.exe	Offline	dropped-by-amadey fbf543	Bitsight
2026-03-06 14:56:09	http://158.94.211.222/files/6902778688/bQVtGjS.exe	Offline	dropped-by-amadey fbf543	Bitsight
2026-03-06 14:47:10	http://158.94.211.222/files/5758620506/HjZucsF.exe	Offline	dropped-by-amadey fbf543	Bitsight
2026-03-06 14:34:08	http://158.94.211.222/files/6149304756/t1nM7M0.exe	Offline	dropped-by-amadey fbf543	Bitsight
2026-03-06 13:37:07	http://158.94.211.222/files/7309295924/SpdWqa6.exe	Offline	c2-monitor-auto dropped-by-amadey	c2hunter
2026-03-06 12:58:09	http://158.94.211.222/files/8468794285/sBC01fa.exe	Offline	dropped-by-amadey fbf543	Bitsight
2026-03-06 12:52:09	http://158.94.211.222/final/random.exe	Online	dropped-by-amadey fbf543 NirCmd	Bitsight
2026-03-06 12:29:07	http://158.94.211.222/files/1660459253/W3Trdgs.exe	Offline	dropped-by-amadey fbf543	Bitsight
2026-03-06 12:15:10	http://158.94.211.222/files/6961337700/4p8oGAO.exe	Offline	c2-monitor-auto dropped-by-amadey	c2hunter
2026-03-06 12:10:08	http://158.94.211.222/files/6608710704/1r6sQRc.exe	Online	c2-monitor-auto dropped-by-amadey Vidar	c2hunter
2026-03-06 12:10:08	http://158.94.211.222/files/gop/random.exe	Online	c2-monitor-auto dropped-by-amadey Vidar	c2hunter
2026-03-06 12:09:13	http://158.94.211.222/files/7725193537/jdVAN80.exe	Online	c2-monitor-auto dropped-by-amadey rustystealer	c2hunter
2026-03-06 12:09:11	http://158.94.211.222/files/5908119101/gkmdY2O.exe	Offline	c2-monitor-auto dropped-by-amadey	c2hunter
2026-03-06 12:09:08	http://158.94.211.222/files/7260582679/YOaxz85.exe	Online	c2-monitor-auto dropped-by-amadey	c2hunter
2026-03-06 12:09:08	http://158.94.211.222/files/8243287745/p9ulf8e.msi	Online	c2-monitor-auto dropped-by-amadey	c2hunter
2026-03-06 12:07:08	http://158.94.211.222/files/7782139129/PKenO2z.exe	Online	c2-monitor-auto dropped-by-amadey SalatStealer	c2hunter
2026-03-06 12:07:07	http://158.94.211.222/files/8499672124/b1JNsvy.exe	Online	c2-monitor-auto dropped-by-amadey Fuery	c2hunter
2026-03-06 12:07:07	http://158.94.211.222/files/5900855435/eNLe4nm.exe	Online	c2-monitor-auto dropped-by-amadey Vidar	c2hunter
2026-03-06 12:06:07	http://158.94.211.222/files/7453936223/5GFpJxh.exe	Online	c2-monitor-auto dropped-by-amadey Vidar	c2hunter
2026-03-06 12:06:07	http://158.94.211.222/test/random.exe	Online	dropped-by-amadey fbf543	Bitsight
2026-03-06 12:05:10	http://158.94.211.222/files/7290860719/OTcX1Qs.exe	Online	c2-monitor-auto dropped-by-amadey Vidar	c2hunter
2026-03-06 12:05:09	http://158.94.211.222/files/7411337060/ZCGm9Ky.exe	Online	c2-monitor-auto dropped-by-amadey Vidar	c2hunter
2026-03-06 12:01:07	http://158.94.211.222/files/6149304756/9MVYpgf.exe	Offline	c2-monitor-auto dropped-by-amadey	c2hunter
2026-03-06 11:40:08	http://158.94.211.222/vidar/random.exe	Online	Amadey c2-monitor-auto connectwise dropped-by-amadey	c2hunter

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2026-03-07 09:19:14	d32a7418dbab5c43ca9be893ccdf4b7edae9276dc8bb53bbb759b78d65d32437	exe
2026-03-07 08:32:07	317f523b62941f1a5426963055fd27a7660a8273d0bf22a77fece8800230980c	exe
2026-03-07 07:49:41	d51df332558a7bd2908e81b2896d5dbdc100b33e849546dacdf54296ae4332e5	exe
2026-03-07 05:20:09	b9b51e29d004739a401a3628bd5b48cccb9bfa5bbc67dbacd3be197a5be32285	exe	QuasarRAT
2026-03-07 05:08:12	8ff80af7d51289e13443a22df16d96b6c5e6354246c5d1f3074a5e689d81dbda	bat
2026-03-07 03:27:01	973f2013840e54bd9b12e31938b0592cad17c23425304fecd1ce072aad4d45d2	exe
2026-03-07 02:53:15	cd139883e7c08001becf7a9a864c91691bc243c3adb5c87ce94729f9b24a56ce	exe	VenomStealer
2026-03-07 02:53:09	48a48aa818438aa9ac6086b788126309ae61094539623d62b6298f3372e222bb	exe	OffLoader
2026-03-07 00:05:10	e90b8cbcfba56c57f910b0937fc27c5b9719c409ea225df575499174235e302b	exe
2026-03-06 21:35:09	b7baebce1e80a690c32b9da7891c455f27deae7ccf33a4353226b2ccf97ee77a	exe
2026-03-06 21:06:09	6700075bf252fbc09453df6f543d36bbd7f7a011ed2b5bf7fc86df1c4b634c8d	exe	DarkVisionRAT
2026-03-06 20:59:04	cb1da42e8e4283d5639f54e319dcd76480d9a507206e5b328aa8a6795c6404c3	exe
2026-03-06 19:48:04	302e42beb59e7f9e5695e97fc188cdbef735cdee5f3c44f080e5e52d6e2df995	exe	ConnectWise
2026-03-06 17:11:07	05d6f4e462065f3c5c3710775f15f96d333ff3d35ea7860536c6208ff4c2f294	bat
2026-03-06 16:17:06	9c03d2476f5d46c9a49eb40c5a744ebba7ca8d4036924e426e652627568f87d0	exe	SalatStealer
2026-03-06 15:33:09	4d24949840cbe6127c1a949786a10fd526693cb8ae286be0da8fcd776f635387	msi	ConnectWise
2026-03-06 15:20:32	083ec9b49d1fda4e4485781203013d8552a71eb8f2b464acaab9cbd97b4ac3d6	exe
2026-03-06 15:20:11	94bd0cc1f5b87d454af3f6be2ea6f6531795fb6b6d1078136f6701121715c25f	exe
2026-03-06 15:00:10	9a8ee12f874e254932ba9c6c3ba726e5b083409e9874efd21c6534c5f40a624a	exe
2026-03-06 14:56:09	7c0d1a9f2480add073c0ec9d8ee3de476e226a87bf92106c256dcc8fdd94cf4e	exe
2026-03-06 14:47:10	2abf9d6ed195f9d061f4948972e0bdb67741b5d19f9ab60eb55dadd79c529698	exe
2026-03-06 14:34:08	083ec9b49d1fda4e4485781203013d8552a71eb8f2b464acaab9cbd97b4ac3d6	exe
2026-03-06 14:27:51	31f7ed8a31c353eedc8fc2e6d3b3c1595cc6b586d97b0d3d4692e0807e52d6f3	exe
2026-03-06 14:17:27	bd4c96efb1ffcd39501d6fd1a32922efca5030161df6107f5fac39598397ec5a	exe
2026-03-06 13:37:07	744e8a3df80d94db5aaec3b7bdf630d680068dab28d65c07386bc82b44078bb9	exe
2026-03-06 12:58:09	b12b1bd3046f0e1b4838f187c334633b63df4cc76934ddf6140d9f3c008f5339	exe
2026-03-06 12:52:09	0d6f9701bbe0142a18e081bdd354895d9e3d678bbacd0a84c4080ea3eaeed5eb	exe	NirCmd
2026-03-06 12:29:07	730e9e0bd0a41438d7d7af227f1441b4f9d8a54988e0add3a2e0fbd7312cc163	exe
2026-03-06 12:15:10	303a09eb23736481748f307d4945bc332a76f45a2fa5fc137fcfdc009b4cc289	exe
2026-03-06 12:10:08	209b9780a3ee377f4c3b9174522a906f2e487d479041dddbec5eaed627c2e3d2	exe	Vidar
2026-03-06 12:10:08	0b672807d7526c571d3809112ca0d04e3df926b5414d00cb8a6d73f59a172e9b	exe	Vidar
2026-03-06 12:09:13	20dc254b66b8616088c5122b29211d7102306484b550f75caee7ec9b2a02e71f	exe	RustyStealer
2026-03-06 12:09:11	7c519ab5b4da70d36c04ed39744f99ceb52d877c107c45cf7f731518fcb2c2d2	exe
2026-03-06 12:09:08	e06dbe87f6cdcfc942f274c4d7883a5ebadf48b7d5eab2a9ef0e900783a8e915	msi
2026-03-06 12:09:08	b80ac13edccd2ca442221d7b22a6e8c7eb98688426582d38bf4ebbd5e0ab265b	exe
2026-03-06 12:07:08	30a50cc0f7b317c9734e6792e7e4ec174035d92031bdcc87a80ad8826adc60b2	exe	SalatStealer
2026-03-06 12:07:07	18e9a8bfad425d3ff9c0ab3d71e6890320166127b8bdf7460a7edd30f45be0ab	exe	Fuery
2026-03-06 12:07:07	5ac53e312732078514a827b41e1b2cbc6e7161970f9d9ad91f382eede969ac39	exe	Vidar
2026-03-06 12:06:07	50c063208801f6250ad0984212bbff667fa4b979b5443a639b24bc5bbdce0b5d	exe
2026-03-06 12:06:07	928b819cbc327ba9d52090b4961d6194e5d3683152ea9ce947d734c5497bec52	exe	Vidar
2026-03-06 12:05:10	299f253ef5a0f06b347cdfeab309c849cf7951a227ed4c13efb61ddf48c1c8e5	exe	Vidar
2026-03-06 12:05:09	69c7b3654300bd7f94ba603da9be8f743442dc2e07504685a07f79f1cc318b4c	exe	Vidar
2026-03-06 12:01:07	1c63dd5c645b215c7dc0e0e4ef509e9394da2669564f79eb4caae43ad59fe0d6	exe
2026-03-06 11:40:07	ab4a92b1b4fd0320e7a13519c8c2b8fa8a828ec56db52864dd70dc48061604b3	exe	Amadey