URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 18.159.149.5 |
|---|---|
| Firstseen: | 2021-10-25 12:31:02 UTC |
| Total malware sites : | 7 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 7 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2021-10-25 12:31:03 | 18.159.149.5 | ec2-18-159-149-5.eu-central-1.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 |  DE | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2021-10-26 05:16:04 | http://18.159.149.5/nbl/joy/1-1/Sample_10120351... | Offline | 32 AgentTesla  exe |  zbetcheckin |
| 2021-10-26 05:16:04 | http://18.159.149.5/nbl/joy/1-1/Sample_10120351... | Offline | 32 exe SnakeKeylogger | zbetcheckin |
| 2021-10-25 17:21:04 | http://18.159.149.5/nbl/joy/1-1/Sample_10120351... | Offline | 32 exe | zbetcheckin |
| 2021-10-25 13:47:06 | http://18.159.149.5/nbl/joy/1-1/Sample_20120351... | Offline | 32 exe SnakeKeylogger | zbetcheckin |
| 2021-10-25 12:46:04 | http://18.159.149.5/nbl/joy/1-1/Sample_50120351... | Offline | exe SnakeKeylogger |  abuse_ch |
| 2021-10-25 12:35:04 | http://18.159.149.5/nbl/joy/1-1/Sample_03018200... | Offline | 32 exe SnakeKeylogger | zbetcheckin |
| 2021-10-25 12:31:03 | http://18.159.149.5/nbl/joy/1-1/Sample_70120351... | Offline | 32 exe Loki | zbetcheckin |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2021-10-26 05:16:04 | d31aac51a23ad4a66f475713817f59274e56e3c9b78cfd222080a5715c777957 | exe | AgentTesla | |
| 2021-10-26 05:16:04 | 8b94440478e3c9fd0991d121ef5ab7144425da4b074a65d93fd9111a515c0b8e | exe | SnakeKeylogger | |
| 2021-10-25 17:21:04 | 1b04c5b785d829d0bded1c43d2eec9dd47d7f3d577b9a259f5b81b539df712b2 | exe | ||
| 2021-10-25 13:47:04 | d6d7188aff12eafb94ede4776b3ea68e19b3a7ada8af631bab2ef23b1998c637 | exe | SnakeKeylogger | |
| 2021-10-25 12:46:04 | f44194e90292e9086af6d3ffdbe3634396624f4d2585fe87934e8bb6304141f8 | exe | SnakeKeylogger | |
| 2021-10-25 12:35:04 | c6743515f8490feace6c212ec0714b7c44c840d2be8f9b127e4193b23d752127 | exe | SnakeKeylogger | |
| 2021-10-25 12:31:03 | 00ad9c596b2af402b7d77a1b6d1c81337f76c3d4e4af1e429fafbdf6a8530ff7 | exe | Loki |