URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	167.250.49.155
Firstseen:	2020-04-30 10:15:06 UTC
Total malware sites :	39
Online malware sites :	20 (51%)
Offline Malware sites :	19 (49%)
Newest active malware site :	2025-04-11 06:24:07 UTC
Oldest active malware site :	2024-07-19 09:04:05 UTC (Age: 1 year, 4 month, 14 days, 16 hours, 13 minutes)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2020-04-30 10:15:09	167.250.49.155		Not listed	AS263767 CORPORACIN_GALA_IT_C.A.	VE	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-04-27 23:42:12	http://167.250.49.155/bin/x64/billi_e58d74e4556...	Offline	exe opendir	DaveLikesMalwre
2025-04-27 23:42:12	http://167.250.49.155/bin/x64/billi_e58d74e4556...	Offline	exe opendir	DaveLikesMalwre
2025-04-27 23:42:03	http://167.250.49.155/bin/x64/billi_e58d74e4556...	Offline	exe opendir	DaveLikesMalwre
2025-04-27 23:42:03	http://167.250.49.155/bin/x64/billi_e58d74e4556...	Offline	exe opendir	DaveLikesMalwre
2025-04-11 06:24:07	https://167.250.49.155/bin/mimikatz.exe	Online	mimikatz	JAMESWT_WT
2024-12-17 07:01:27	https://167.250.49.155/bin/billi_e58d74e455634d...	Online	meterpreter	abus3reports
2024-12-17 07:01:26	https://167.250.49.155/bin/billi_e58d74e455634d...	Online	meterpreter	abus3reports
2024-12-17 07:01:26	https://167.250.49.155/bin/Win32/mimispool.dll	Online		abus3reports
2024-12-17 07:01:26	https://167.250.49.155/bin/billi_e58d74e455634d...	Online	meterpreter	abus3reports
2024-12-17 07:01:25	https://167.250.49.155/bin/billi_e58d74e455634d...	Online	Metasploit	abus3reports
2024-12-17 07:01:24	https://167.250.49.155/bin/Win32/mimilib.dll	Online	mimikatz	abus3reports
2024-12-17 07:01:24	https://167.250.49.155/bin/Win32/mimikatz.exe	Online	mimikatz	abus3reports
2024-12-17 07:01:13	https://167.250.49.155/bin/x64/mimispool.dll	Online		abus3reports
2024-12-17 07:01:13	https://167.250.49.155/bin/Win32/mimidrv.sys	Online	mimikatz	abus3reports
2024-12-17 07:01:13	https://167.250.49.155/bin/Win32/mimilove.exe	Online		abus3reports
2024-07-19 09:05:08	http://167.250.49.155/bin/mimikatz.exe	Online	exe mimikatz opendir	NDA0E
2024-07-19 09:05:06	http://167.250.49.155/bin/x64/mimidrv.sys	Online	exe mimikatz opendir sys	NDA0E
2024-07-19 09:05:06	http://167.250.49.155/bin/x64/mimilib.dll	Online	dll mimikatz opendir	NDA0E
2024-07-19 09:05:06	http://167.250.49.155/bin/x64/mimispool.dll	Online	dll mimikatz opendir	NDA0E
2024-07-19 09:04:06	http://167.250.49.155/bin/Win32/mimikatz.exe	Online	exe mimikatz opendir	NDA0E
2024-07-19 09:04:06	http://167.250.49.155/bin/Win32/mimidrv.sys	Online	exe mimikatz opendir sys	NDA0E
2024-07-19 09:04:05	http://167.250.49.155/bin/Win32/mimilib.dll	Online	dll mimikatz opendir	NDA0E
2024-07-19 09:04:05	http://167.250.49.155/bin/Win32/mimilove.exe	Online	exe mimikatz opendir	NDA0E
2024-07-19 09:04:05	http://167.250.49.155/bin/Win32/mimispool.dll	Online	dll mimikatz opendir	NDA0E
2020-04-30 23:42:03	http://167.250.49.155/bin/billi_7403895435d3487...	Offline	exe meterpreter	zbetcheckin
2020-04-30 20:29:03	http://167.250.49.155/bin/billi_72b9a7c5071b4b7...	Offline	exe meterpreter	zbetcheckin
2020-04-30 20:25:03	http://167.250.49.155/bin/billi_72b9a7c5071b4b7...	Offline	exe meterpreter	zbetcheckin
2020-04-30 20:24:05	http://167.250.49.155/bin/billi_72b9a7c5071b4b7...	Offline	exe meterpreter	zbetcheckin
2020-04-30 20:21:04	http://167.250.49.155/bin/billi_4fa79931167d46f...	Offline	exe meterpreter	zbetcheckin
2020-04-30 20:20:06	http://167.250.49.155/bin/billi_4fa79931167d46f...	Offline	exe meterpreter	zbetcheckin
2020-04-30 20:20:04	http://167.250.49.155/bin/billi_4fa79931167d46f...	Offline	exe meterpreter	zbetcheckin
2020-04-30 18:16:10	http://167.250.49.155/scandale/027cc450ef5f8c5f...	Offline	exe	zbetcheckin
2020-04-30 18:08:32	http://167.250.49.155/scandale/5a765351046fea14...	Offline	AZORult exe	zbetcheckin
2020-04-30 18:08:29	http://167.250.49.155/scandale/file_4571518150a...	Offline	exe	zbetcheckin
2020-04-30 17:56:04	http://167.250.49.155/scandale/PDFXCview.exe	Offline	exe kovter	zbetcheckin
2020-04-30 17:52:09	http://167.250.49.155/scandale/hostr.exe	Offline	exe	zbetcheckin
2020-04-30 17:52:06	http://167.250.49.155/scandale/Win32.WannaPeace...	Offline	exe	zbetcheckin
2020-04-30 12:47:40	http://167.250.49.155/bin/billi_a0e85740669b439...	Offline	exe meterpreter	Anonymous
2020-04-30 10:15:09	http://167.250.49.155:8081/K4XSc6J9r8n3bvZvqcRk...	Offline		JAMESWT_MHT

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-04-11 06:24:07	61c0810a23580cf492a6ba4f7654566108331e7a4134c968c2d6a05261b2d8a1	exe	MimiKatz
2024-12-17 07:01:26	13c5b2409b5ce5b7b25597e5ed91d1264e8cb95817794b8c2ea244dd962aa595	exe	Meterpreter
2024-12-17 07:01:26	03e9d40b1a4fe605b9830af70bc6f3368a5b2ad308e518640275c8b312c6ebce	exe	Meterpreter
2024-12-17 07:01:26	05842de51ede327c0f55df963f6de4e32ab88f43a73b9e0e1d827bc70199eff0	dll
2024-12-17 07:01:26	b2d678372811bbfb4c356e5a9b27526425f4d4ac2ae481b037decac6db7aa198	exe	Meterpreter
2024-12-17 07:01:25	86e691956c37b1594ef05158264e82e28655233a446fb06d4e269769ed582f06	exe	Metasploit
2024-12-17 07:01:24	e60c210687e79347d06f9a144ee84417ba9ac4c1f303720f2fe4509734d670d6	dll	MimiKatz
2024-12-17 07:01:23	94795fd89366e01bd6ce6471ff27c3782e2e16377a848426cf0b2e6baee9449b	exe	MimiKatz
2024-12-17 07:01:13	66928c3316a12091995198710e0c537430dacefac1dbe78f12a331e1520142bd	dll
2024-12-17 07:01:12	4ff7578df7293e50c9bdd48657a6ba0c60e1f6d06a2dd334f605af34fe6f75a5	exe	MimiKatz
2024-12-17 07:01:12	cc585d962904351ce1d92195b0fc79034dc3b13144f7c7ff24cd9f768b25e9ef	exe
2024-07-19 09:05:08	61c0810a23580cf492a6ba4f7654566108331e7a4134c968c2d6a05261b2d8a1	exe	MimiKatz
2024-07-19 09:05:06	d30f51bfd62695df96ba94cde14a7fae466b29ef45252c6ad19d57b4a87ff44e	exe	MimiKatz
2024-07-19 09:05:06	aef6ce3014add838cf676b57957d630cd2bb15b0c9193cf349bcffecddbc3623	dll	MimiKatz
2024-07-19 09:05:06	66928c3316a12091995198710e0c537430dacefac1dbe78f12a331e1520142bd	dll
2024-07-19 09:04:06	94795fd89366e01bd6ce6471ff27c3782e2e16377a848426cf0b2e6baee9449b	exe	MimiKatz
2024-07-19 09:04:06	4ff7578df7293e50c9bdd48657a6ba0c60e1f6d06a2dd334f605af34fe6f75a5	exe	MimiKatz
2024-07-19 09:04:05	cc585d962904351ce1d92195b0fc79034dc3b13144f7c7ff24cd9f768b25e9ef	exe
2024-07-19 09:04:05	e60c210687e79347d06f9a144ee84417ba9ac4c1f303720f2fe4509734d670d6	dll	MimiKatz
2024-07-19 09:04:05	05842de51ede327c0f55df963f6de4e32ab88f43a73b9e0e1d827bc70199eff0	dll
2020-04-30 23:42:03	0ed1a3bccdbabcea8c5af4a65f706056856bd46eec21b2296ffad11614872eab	exe	Meterpreter
2020-04-30 20:29:03	b4e054c97110a4890af6ad61369dd79f8f776bfcb9b6ba2a31936da7bac830af	exe	Meterpreter
2020-04-30 20:25:03	178d3e63fc2fb340a67ee66c735fc8c99529f2daf8355c5bb02a7e47ae9eb6cd	exe	Meterpreter
2020-04-30 20:24:05	33dc2a56054609c9bb24ab4fe94be024687c54a0945a4107862e853891704165	exe	Meterpreter
2020-04-30 20:21:04	55306cc15ee985f639e3da4d9756209c2c2a1af901c688c702e8839fe9f780d2	exe	Meterpreter
2020-04-30 20:20:06	923fa884978a7daeaa886a5f36e048f836ceaff2ee81e21502a66b834e486771	exe	Meterpreter
2020-04-30 20:20:04	b1cb41ea440ba8abb3c3ae6488afb3d4719cbaed88a79e83540b45b507bda902	exe	Meterpreter
2020-04-30 18:16:10	027cc450ef5f8c5f653329641ec1fed91f694e0d229928963b30f6b0d7d3a745	exe
2020-04-30 18:08:32	e9cfb6eb3a77cd6ea162cf4cb131b5f6ad2a679c0ba9757d718c2f9265a9668f	exe	AZORult
2020-04-30 18:08:29	426511145595346a6aee1d3483685ad32674f626a4695bb91aa82c1b016a0f1c	exe
2020-04-30 17:56:04	40050153dceec2c8fbb1912f8eeabe449d1e265f0c8198008be8b34e5403e731	exe	Kovter
2020-04-30 17:52:09	6f201afc797370ac6e33fafec41a794a2eb44c1bfd7d9079e3633ebe7bbb41e1	exe
2020-04-30 17:52:06	653bc2b16b1624e045c1225810185e9aa3694dc378fe0095e2052b7f1e265d01	exe
2020-04-30 14:15:10	dd7cc0e7bf27dbe64506da6a7d7fd5c4900183ee716959a1ac37fc571c7ab4a7	exe
2020-04-30 13:25:09	72f794e80f2b5a69f382babb9117bc06804ca3991385540d3b7563a002578cc5	exe
2020-04-30 12:53:09	03384de974abb03c6b7905b713a3225e148e140bf093d52540733ab7c40d48dc	exe
2020-04-30 12:47:40	40307dbc6b2d486f81daab461b987cae648f2f9427b03735876da1ed6862f6d5	exe	Meterpreter
2020-04-30 10:15:07	4d7ba0467cb5ea93d5c78ebe789adecb93264ce8238d04846ffef8528fc5536d	exe