URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	18.140.72.12
Firstseen:	2021-04-15 13:09:03 UTC
Total malware sites :	9
Online malware sites :	0 (0%)
Offline Malware sites :	9 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-04-15 13:09:06	18.140.72.12	ec2-18-140-72-12.ap-southeast-1.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	SG	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-04-16 05:38:07	http://18.140.72.12/wind/orr7-02.exe	Offline	AgentTesla exe	zbetcheckin
2021-04-16 04:49:07	http://18.140.72.12/wind/orr7-03.exe	Offline	AgentTesla exe	zbetcheckin
2021-04-16 04:49:06	http://18.140.72.12/wind/xxxx9-02.exe	Offline	exe Formbook	zbetcheckin
2021-04-15 13:10:08	http://18.140.72.12/wind/xxxx9-10.exe	Offline	exe Formbook opendir	abuse_ch
2021-04-15 13:10:08	http://18.140.72.12/wind/orr7-09.exe	Offline	AgentTesla exe opendir	abuse_ch
2021-04-15 13:10:08	http://18.140.72.12/wind/orr7-10.exe	Offline	AgentTesla exe opendir	abuse_ch
2021-04-15 13:10:06	http://18.140.72.12/wind/xxxx9-09.exe	Offline	exe Formbook opendir	abuse_ch
2021-04-15 13:09:13	http://18.140.72.12/wind/orr7.exe	Offline	AgentTesla exe opendir	abuse_ch
2021-04-15 13:09:06	http://18.140.72.12/wind/xxxx9.exe	Offline	exe Formbook opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-04-16 14:48:19	10dd6636705588394e6b2610eca43325c8a17d3fc303ba605c1d40bab3a75a13	exe	AgentTesla
2021-04-16 12:11:37	696007cc5cdcc234a7378e44aed248a918143e197901cf1074d6dc07e452ab8a	exe	Formbook
2021-04-16 07:22:15	c39de4a10c23c2b7e7509158e90d38fe6b7d8544b678c3326876829b51bb6b13	exe	AgentTesla
2021-04-16 05:38:07	92301e389bb037a484b2bd9973642c3c9a7415104c33009b17fbd816590db8f2	exe	AgentTesla
2021-04-16 04:49:07	1e21738e68114a74266054b4ce1c8489b3f6a373b15cada9e0e08d30cd9d3da6	exe	AgentTesla
2021-04-16 04:49:06	5b7770f02c562dffdbe0cd638e288adba8f340c7231ef30fa2860b7f4b9dfa80	exe	Formbook
2021-04-16 01:10:18	3d15e2909a2cbedba57a1718b220b187465396969ebaf8f9021847c0b953153c	exe	Formbook
2021-04-15 16:09:55	92301e389bb037a484b2bd9973642c3c9a7415104c33009b17fbd816590db8f2	exe	AgentTesla
2021-04-15 15:54:23	5b7770f02c562dffdbe0cd638e288adba8f340c7231ef30fa2860b7f4b9dfa80	exe	Formbook
2021-04-15 13:10:08	c973881d3539e89059c7713b4e24e330f88abee7da38f256034bc25bb4b9e674	exe	AgentTesla
2021-04-15 13:10:08	aa9b97249254e492bda4508cc661f462ed749c6d810d2c915136848189addc38	exe	AgentTesla
2021-04-15 13:10:07	15944a88ca237bb17dde16f5ef5a0dc4122576d8dc80f2d28f2b9555464c05bc	exe	Formbook
2021-04-15 13:10:06	ce99378f7bcd95a0441b3572fe948daeb420ec960719761b249b817e5c0cec37	exe	Formbook
2021-04-15 13:09:13	7582182ef873a01a095cdca3e94d8c46c2e86aae1e198960cedceaf9ab7de3ff	exe	AgentTesla
2021-04-15 13:09:06	c9afe6904407e9b60e73edf93efbd932b6725f0f4f33306117ffc9854c21cae2	exe	Formbook