URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: 185.196.8.238
Firstseen: 2023-11-22 03:32:04 UTC
Total malware sites: 24
Online malware sites: 0 (0%)
Offline malware sites: 24 (100%)

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active?
2023-11-22 03:32:06 | 185.196.8.238 | | SBL640645 | AS42624 swissnetwork02 | CH | yes

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC) | URL | Status | Tags | Reporter
2023-12-20 19:23:07 | http://185.196.8.238/Mhgskyufhic.exe | Offline | 64 exe | zbetcheckin
2023-12-14 22:18:20 | http://185.196.8.238/NovaFree.exe | Offline | 64 exe | zbetcheckin
2023-12-10 16:20:09 | http://185.196.8.238/Gdbpyzcldrr.exe | Offline | exe zgRAT | abuse_ch
2023-12-10 11:18:08 | http://185.196.8.238/prox.exe | Offline | 64 exe | zbetcheckin
2023-12-10 09:00:09 | http://185.196.8.238/Pfvtwoys.exe | Offline | 64 CoinMiner exe | zbetcheckin
2023-12-10 04:59:04 | http://185.196.8.238/Nnyphhamc.exe | Offline | 64 exe zgRAT | zbetcheckin
2023-12-10 04:14:08 | http://185.196.8.238/Zocymkpxeu.exe | Offline | 64 exe PureLogs | zbetcheckin
2023-12-10 03:23:07 | http://185.196.8.238/Edbwgnrp.exe | Offline | 64 exe zgRAT | zbetcheckin
2023-12-10 03:23:06 | http://185.196.8.238/Vbewgil.exe | Offline | 64 exe zgRAT | zbetcheckin
2023-12-10 01:00:09 | http://185.196.8.238/NNaxff.exe | Offline | 64 exe zgRAT | zbetcheckin
2023-12-07 04:54:06 | http://185.196.8.238/SpeechRun.exe | Offline | 32 AsyncRAT ext exe | zbetcheckin
2023-12-07 04:54:05 | http://185.196.8.238/cleaneruop.exe | Offline | 32 exe zgRAT | zbetcheckin
2023-12-06 09:06:07 | http://185.196.8.238/Mifld.exe | Offline | 64 exe zgRAT | zbetcheckin
2023-12-06 08:17:06 | http://185.196.8.238/Vonupajtmf.exe | Offline | 64 exe zgRAT | zbetcheckin
2023-12-06 05:54:34 | http://185.196.8.238/newup1.exe | Offline | 32 Amadey CoinMiner exe zgRAT | zbetcheckin
2023-12-04 04:46:05 | http://185.196.8.238/Ennytypip.exe | Offline | 32 exe zgRAT | zbetcheckin
2023-12-04 04:04:09 | http://185.196.8.238/Wraub.exe | Offline | 32 exe PureLogs | zbetcheckin
2023-12-03 04:12:06 | http://185.196.8.238/ca2.exe | Offline | 64 exe zgRAT | zbetcheckin
2023-11-28 04:41:05 | http://185.196.8.238/strim.exe | Offline | 64 CoinMiner exe zgRAT | zbetcheckin
2023-11-28 04:41:05 | http://185.196.8.238/supstrim.exe | Offline | 64 exe zgRAT | zbetcheckin
2023-11-28 04:36:05 | http://185.196.8.238/Klkypmnqw.exe | Offline | 64 exe zgRAT | zbetcheckin
2023-11-26 06:35:08 | http://185.196.8.238/LauncherPatchv2.exe | Offline | 64 exe zgRAT | zbetcheckin
2023-11-26 05:03:05 | http://185.196.8.238/Xxxpykzevor.exe | Offline | 32 exe Vidar ext | zbetcheckin
2023-11-22 03:32:06 | http://185.196.8.238/amarer.exe | Offline | 32 Amadey exe | zbetcheckin

The table below shows recent payloads delivered by this host.
