URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	185.215.113.36
Firstseen:	2021-09-28 18:07:03 UTC
Total malware sites :	20
Online malware sites :	0 (0%)
Offline Malware sites :	20 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-12-12 19:29:16	http://185.215.113.36/Javvvum.exe	Offline	cryptbot	abus3reports
2024-11-09 05:17:06	http://185.215.113.36/AllNew.exe	Offline	32 Amadey exe	zbetcheckin
2024-11-03 10:39:06	http://185.215.113.36/2927.exe	Offline	exe	abus3reports
2024-11-03 10:39:05	http://185.215.113.36/Newofff.exe	Offline	exe	abus3reports
2024-11-03 10:35:08	http://185.215.113.36/Office2024.exe	Offline	CoinMiner exe	abus3reports
2024-11-03 10:34:07	http://185.215.113.36/exbuild.exe	Offline	exe	abus3reports
2024-11-03 10:34:06	http://185.215.113.36/Nework.exe	Offline	exe	abus3reports
2024-11-03 10:02:13	http://185.215.113.36/JavvUm.exe	Offline	cryptbot	abus3reports
2024-11-03 10:02:09	http://185.215.113.36/stail.exe	Offline	Socks5Systemz	abus3reports
2024-11-03 07:15:13	http://185.215.113.36/JavUmar.exe	Offline	32 cryptbot exe	zbetcheckin
2024-11-01 16:46:17	http://185.215.113.36/Offnewhere.exe	Offline	Amadey cryptbot exe	abus3reports
2022-01-11 07:37:04	http://185.215.113.36/windowshelper.bin	Offline	encrypted	abuse_ch
2021-09-29 13:15:10	http://185.215.113.36/zenaaaretest/UpSys.exe	Offline		Cryptolaemus1
2021-09-29 10:15:01	http://185.215.113.36/zenaaaretest/Zenar_protec...	Offline	exe	zbetcheckin
2021-09-29 09:24:35	http://185.215.113.36/DebasedSeptenary_2021-09-...	Offline	32 exe RedLineStealer	zbetcheckin
2021-09-29 06:55:37	http://185.215.113.36/zena/UpSys.exe	Offline		Cryptolaemus1
2021-09-29 06:55:05	http://185.215.113.36/Zenar_protected.exe	Offline		Cryptolaemus1
2021-09-28 19:05:05	http://185.215.113.36/DebasedSeptenary_2021-09-...	Offline	32 exe RedLineStealer	zbetcheckin
2021-09-28 19:02:10	http://185.215.113.36/main.exe	Offline	32 Amadey exe	zbetcheckin
2021-09-28 18:07:57	http://185.215.113.36/main_signed1.exe	Offline		Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2024-12-12 19:29:16	9c45c5456167f65156faa1313ad8bbaffb8aa375669bf756fe0273580a621494	exe	CryptBot
2024-11-09 05:17:06	cf67a50598ee170e0d8596f4e22f79cf70e1283b013c3e33e36094e1905ba8d9	exe	Amadey
2024-11-07 06:43:38	4519ffb96ab3e8a4746518455911475f459685fc4174251a17552f1f100c93b5	exe	Socks5Systemz
2024-11-05 22:31:13	465a1cefe61446110cc521d376651a5074fb87295da5fd64bd74fd25cbab669b	exe	CryptBot
2024-11-03 21:44:20	4b81371832a31aa1b9a3f4caf3da072dbadc9793dc92d90ba3ea89c8ba7dd17e	exe	CryptBot
2024-11-03 20:16:36	bf1e76b416fc0342d49fe79da89995717679ad80f8c0dd1a9b591044ef02f0e2	exe	Socks5Systemz
2024-11-03 10:39:06	1fc070d52f6c24eb6e83d5e9474d63868d47509a8aea3687782ebf61ebe97cfd	exe	Adware.Generic
2024-11-03 10:39:05	2f1aff28961ba0ce85ea0e35b8936bc387f84f459a4a1d63d964ce79e34b8459	exe	Spambot.Kelihos
2024-11-03 10:35:08	bc7d010eb971dbc9cbeedc543f93bb1b6924d57597e213dbe10c2c1efd8d0296	exe	CoinMiner
2024-11-03 10:34:06	2f1aff28961ba0ce85ea0e35b8936bc387f84f459a4a1d63d964ce79e34b8459	exe	Spambot.Kelihos
2024-11-03 10:34:06	2f1aff28961ba0ce85ea0e35b8936bc387f84f459a4a1d63d964ce79e34b8459	exe	Spambot.Kelihos
2024-11-03 10:02:13	8003fd73d5681b78365343e95c96bf7289fbb66ad2e22673099f4ab4e947270f	exe	CryptBot
2024-11-03 10:02:09	e709b26315714057ce041823f8a63f38064790a4a2af8fa00a9b63ea19d82329	exe	Socks5Systemz
2024-11-03 07:15:13	80c8797268cb88f5bef1791ccc88b62288763a27528709886e55175b9bd94487	exe	CryptBot
2024-11-01 18:00:43	80c8797268cb88f5bef1791ccc88b62288763a27528709886e55175b9bd94487	exe	CryptBot
2024-11-01 17:38:38	cf67a50598ee170e0d8596f4e22f79cf70e1283b013c3e33e36094e1905ba8d9	exe	Amadey
2024-11-01 16:46:17	0ad7e833d526131900916008913dec998360ee6d1a9aacf3997602e1cfc1c3e3	exe	CryptBot
2022-01-11 07:37:04	31ce6bc633ac2e1e933ca3670c7104222682460055fc354395d4d32b7637dbf4	unknown
2021-09-29 13:15:10	5f9dfd9557cf3ca96a4c7f190fc598c10f8871b1313112c9aea45dc8443017a2	exe
2021-09-29 10:58:09	bcc26c979a4d7b0afec88bdf7c864e965db3041616acea4cda1874ba476e74e0	exe
2021-09-29 10:15:01	97fa42e9f36b5e195c9c488df251a607611af5ce878a8f55067fac5de66d9ba2	exe
2021-09-29 09:24:35	c5e23e7b15649c2d49b797eba7d7b83c76d661603e1b4bde412185eac2b81982	exe	RedLineStealer
2021-09-29 06:55:37	5f9dfd9557cf3ca96a4c7f190fc598c10f8871b1313112c9aea45dc8443017a2	exe
2021-09-28 19:05:05	9b9b66a158beacb1a23877ab25c70435a43f072f76a0ba35fed9ad32f781d04c	exe	RedLineStealer
2021-09-28 19:02:10	384292cad1c05552ccbd691de48865ce75375f7e601db66b3f5cad0f8f294d6c	exe	Amadey
2021-09-28 18:07:57	ada127dc6a3232b2e9fb8d842c2709ba46b102d683768514ffc9c2eea4fe8492	exe