URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	185.196.9.161
Firstseen:	2023-11-11 09:12:03 UTC
Total malware sites :	10
Online malware sites :	0 (0%)
Offline Malware sites :	10 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-11-11 09:12:06	185.196.9.161		SBL640645	AS42624 swissnetwork02	GB	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-11-26 05:52:06	http://185.196.9.161/Mmotwvfgpde.exe	Offline	64 exe	zbetcheckin
2023-11-24 16:32:05	http://185.196.9.161/Jqjfw.exe	Offline	32 Amadey exe	zbetcheckin
2023-11-24 06:13:06	http://185.196.9.161/Opesi.exe	Offline	32 exe Vidar	zbetcheckin
2023-11-24 03:04:06	http://185.196.9.161/Wlssejinnvz.exe	Offline	64 exe zgRAT	zbetcheckin
2023-11-20 06:25:10	http://185.196.9.161/hvupdater12.exe	Offline	32 exe zgRAT	zbetcheckin
2023-11-18 06:06:06	http://185.196.9.161/v1.exe	Offline	32 exe MarsStealer	zbetcheckin
2023-11-17 18:11:07	http://185.196.9.161/Chjirossjr.exe	Offline	64 Amadey CoinMiner exe	zbetcheckin
2023-11-16 04:10:20	http://185.196.9.161/Aaezheyu.exe	Offline	64 exe zgRAT	zbetcheckin
2023-11-13 07:58:07	http://185.196.9.161/Rjiyeslhtb.exe	Offline	64 exe zgRAT	zbetcheckin
2023-11-11 09:12:06	http://185.196.9.161/Nfwwamql.exe	Offline	64 exe zgRAT	zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2023-11-30 02:07:51	20f894c77415be99a1f652a897af6c153de7d5994d3f233e391b1b49559ebffc	exe
2023-11-26 05:52:06	15a05098b91575cb0da6964367040dc8a0051a4fa8a0db4d26fdb8aaa570ceae	exe
2023-11-24 16:32:05	93583dfa872b44e13e449cdfbbe20e64851dbe0e615f30b0313d2cb6a9b2309e	exe	Amadey
2023-11-24 06:13:06	3c16def99c05de25b1b8dfb73757f3356bad519c9c39292752aa07fab0653936	exe	Vidar
2023-11-24 03:04:06	78622732081a2280320cbd61ae9c1cf51061ad534b537cf6010144e41e29bb67	exe	zgRAT
2023-11-21 01:25:04	f8e0ece0ff3a16a06fd53e8855b422bf3b2ced48d3facfd954526b1c6b6a42a6	exe	Amadey
2023-11-20 06:25:10	ebb20ee3f9c28aa7e7a1fe1cdc8371c56a17f2f17bf8d98139fea30915e2be0f	exe	zgRAT
2023-11-18 20:15:47	d8352d51143cdb130eb1c633fcc91b688df4961fcbe97a286c88112884266833	exe	MarsStealer
2023-11-18 14:29:31	9bdcaf14e9f27607ce4c446a38ab2e187e0cd4f1c74176108a39c9eefa10bcb1	exe
2023-11-18 06:06:06	129945bc24fc3a0f026201998f746fdaa548460d5822822d305a9f1ab68db413	exe	MarsStealer
2023-11-17 18:11:07	3f26b871b1e556d19b67814d3a758316b655cd508be014a2eea2cf40e1371b94	exe	CoinMiner
2023-11-16 04:10:20	37c232d654467909a6f6ddcd25d59d81e0c8bb3b5873c8ee46f87d093bc10e8a	exe	zgRAT
2023-11-13 07:58:07	f943cf382d0c97c65b9ab3402d85118ee810127b648eb9fcc07c3f3404b281ae	exe	zgRAT
2023-11-12 05:34:47	795e333056f12db05a5c212318e3f1e3d915a8e7f88737fc34321465a6c1bfad	exe	zgRAT
2023-11-11 09:12:06	a1765648a41eea21fd942776cba9b50705673d8f7564ae7f8c9751eda9e2e564	exe	zgRAT