URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 185.215.113.37
Firstseen:2024-09-20 22:32:05 UTC
Total malware sites :25
Online malware sites :0 (0%)
Offline Malware sites :25 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2025-03-05 08:56:04http://185.215.113.37/Offline JAMESWT_MHT
2025-03-05 08:56:04http://185.215.113.37/e2b1563c6670f193.phpOffline JAMESWT_MHT
2024-10-20 18:19:22http://185.215.113.37/0d60be0de163924d/nss3.dll?OqOffline abus3reports
2024-10-20 18:19:18http://185.215.113.37/0d60be0de163924d/msvcp140...Offline abus3reports
2024-10-16 19:25:23http://185.215.113.37/0d60be0de163924d/nss3.dll?TOfflinedll Stealc abus3reports
2024-10-16 19:25:18http://185.215.113.37/0d60be0de163924d/nss3.dll?4Offlinedll Stealc abus3reports
2024-10-16 19:25:17http://185.215.113.37/0d60be0de163924d/mozglue....Offlinedll Stealc abus3reports
2024-10-16 19:25:15http://185.215.113.37/0d60be0de163924d/msvcp140...Offlinedll Stealc abus3reports
2024-09-21 14:57:06http://185.215.113.37/vera/nate.exeOfflineAmadey exe MarsStealer Stealc abus3reports
2024-09-20 22:40:11http://185.215.113.37/test/random.exeOfflineAmadey exe MarsStealer meduza NDA0E
2024-09-20 22:40:10http://185.215.113.37/steam/random.exeOfflineAmadey exe MarsStealer Stealc NDA0E
2024-09-20 22:40:10http://185.215.113.37/test/wels.exeOfflineexe NDA0E
2024-09-20 22:40:10http://185.215.113.37/well/random.exeOfflineexe NDA0E
2024-09-20 22:40:09http://185.215.113.37/mine/random.exeOfflineAmadey exe Stealc NDA0E
2024-09-20 22:40:07http://185.215.113.37/test/file.cmdOfflinecmd NDA0E
2024-09-20 22:40:07http://185.215.113.37/test/no.ps1Offlineps1 NDA0E
2024-09-20 22:40:07http://185.215.113.37/test/do.ps1Offlineps1 NDA0E
2024-09-20 22:38:08http://185.215.113.37/0d60be0de163924d/nss3.dllOfflinedll Stealc NDA0E
2024-09-20 22:38:06http://185.215.113.37/0d60be0de163924d/msvcp140...Offlinedll Stealc NDA0E
2024-09-20 22:38:06http://185.215.113.37/0d60be0de163924d/softokn3...Offlinedll Stealc NDA0E
2024-09-20 22:38:06http://185.215.113.37/0d60be0de163924d/mozglue.dllOfflinedll Stealc NDA0E
2024-09-20 22:38:06http://185.215.113.37/0d60be0de163924d/freebl3.dllOfflinedll Stealc NDA0E
2024-09-20 22:38:06http://185.215.113.37/0d60be0de163924d/sqlite3.dllOfflinedll Stealc NDA0E
2024-09-20 22:38:05http://185.215.113.37/0d60be0de163924d/vcruntim...Offlinedll Stealc NDA0E
2024-09-20 22:32:08http://185.215.113.37/doun/game.exeOfflineexe MarsStealer opendir Stealc NDA0E

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2024-10-20 18:19:22ac5c92fe6c51cfa742e475215b83b3e11a4379820043263bf50d4068686c6fa5dll  
2024-10-20 18:19:175136a49a682ac8d7f1ce71b211de8688fce42ed57210af087a8e2dbc8a934062dll  
2024-10-20 09:34:3524a1a6e32887946b2def9ada857aa637f9ea3843b50d8aa8b6566cba925cf1f5exe CredentialFlusher
2024-10-20 08:39:246a85e59451fe8375e98025a2aa109b31467b4b07e712c264913e5e18f098e32dexe CredentialFlusher
2024-10-20 05:16:001b2498128c6585bf47a1d1d2cfcf0e27c635d3056d61a7a6a908b5eacb70fa4fexe  
2024-10-20 03:53:21f2a77c9be5a746a05f3150f6c85e3b1b3686b984e2318f0e06c85f079a0e2365exe CredentialFlusher
2024-10-20 02:34:53f2398bc33f48a7f96519a63230c2c87ff8813714f1f25f6603e642d1cc4def80txt  
2024-10-19 23:57:04f2398bc33f48a7f96519a63230c2c87ff8813714f1f25f6603e642d1cc4def80txt  
2024-10-19 22:44:18783d1dde73aa752686fbcacf508f10c4ac1b2cf7a7f9ae2eea6a7e240946028cexe CredentialFlusher
2024-10-19 22:42:069aef4d6b03461362b60ef073e39840b7855b2feda089481b018adb7b354ece46exeMarsStealer
2024-10-19 21:00:34d46b70f75a2a1b3fd98e6e21351bed5cc4ae21cf47d1ea7cb71dbf99c746479fexeCredentialFlusher
2024-10-19 19:48:23392212516582730b522c0f5ac6571d79820a013ea1b67ea84ef37cbfcbb43b3eexeAmadey
2024-10-19 19:45:273c73488f5c63d81103af62e551f25f702248643abbff87cab2a4092e6b42c517exeStealc
2024-10-19 19:22:49e292046615dae8ac5c0fe6f7856debc51b169e0507deaab5e50a72322aadfce3exe Amadey
2024-10-19 17:45:07a050cf7210088f1a0793b7a406f043ddaec79097306dd987831a315941cb7ab3exe CredentialFlusher
2024-10-19 17:17:03ea30cf34120814d49f86ff116d1bd764cc052e98301907231b0de40c4addee53exeMarsStealer
2024-10-19 16:16:53b4f346dc6e44f162b31b575bd30b86c32bd5311b7d5a60487486e920026db83bexe Amadey
2024-10-19 15:47:3206490048b1340c4aa23fc23ed58e2dfd986f01a7c5f9ebd80731825c31bdd023exeStealc
2024-10-19 15:15:3503fb02d8c17b6045f4eaedf928e5322ed7be0b3aff480626411ec0c1aa00a295exe Amadey
2024-10-19 14:38:116bb48b90126fe405f20c8d3b6e8d2852ae1cae99ac50a1d558faafb76d0c0a25exeMarsStealer
2024-10-19 13:46:01c8c385227d63abe734794c6ba3434b873d2cd116e860054cba155961a98cb22aexeMarsStealer
2024-10-19 13:27:148419ff3318789e1c5aea2a8cf50779db4ae1a2030ddc40ffc7140456fcc079c7exeCredentialFlusher
2024-10-19 13:04:41b3d9faae250f06e5a506da1c1a48830bd66a8462c8de18ed7b0aeac6a83d21eaexe Amadey
2024-10-19 11:08:4808e83e0a03fbacc16c9a300fee4912e0baca2e153298d107bd4f14c3a10cd9a1exe Amadey
2024-10-19 10:11:0713a3096473b13354319203b17982cf112a45cfca7931f31e6e87dbf750efa955exe CredentialFlusher
2024-10-19 09:16:34c2bfdbe7725806b45a67d5ef23904d89749621496798eba82b49eef873832c73exe Amadey
2024-10-19 08:26:2873b939353dad667a241a0b264ac45b6ace4c1174f09f90a384ee1be959b711a8exe MarsStealer
2024-10-19 07:33:446a839287741f9f362298f286c1622e19988c9e76537d0e781ef5e825ae6e0c06exe Amadey
2024-10-19 07:12:58488d50dc48b4a4a149436efbbade88c7307a37f281cd6ffec368c4b2a65d5b84exe CredentialFlusher
2024-10-19 06:45:096b74853cf0128c87e098f0a9d4168f072401c3b529d5b3c54da2adad8d534af3exe CredentialFlusher
2024-10-19 06:09:11a420e075748018137aabf72410344fb458aa30cfca32d80a209e510ff974e04bexe MarsStealer
2024-10-19 05:15:08d9fecd425bd053e95c41564c1eaad8c2c9a926449fcf1bd25eea8fda9666fc64exe Amadey
2024-10-19 02:35:467f883df6d5ecb81f05a243d43863cc177cd9057a1e67a521e8d82b293f7a46beexeCredentialFlusher
2024-10-19 02:13:36d78f2d3ace275a5ab4da15c97437626ffdfa2c5a0cc9607715f497b8b9e59efdexe MarsStealer
2024-10-19 02:12:459f960ccfaeb535fe9859c9ad64bea2220223496f08b398db0c077127f3507403exe Amadey
2024-10-19 01:25:4329e7abcd4f76e692dee8f94f5c6afad8688a9ec4c48d30d65b413fe11248450aexe MarsStealer
2024-10-19 01:10:4218db8227563e7d8c1bb075a8d1916037472a243378931f8bb432b11d800cc987exeCredentialFlusher
2024-10-18 23:25:02ed5c4ee36950ac1f8d2667fe3d0b3f833a08d4640627a2ad2751b03e011984c3exe Amadey
2024-10-18 23:04:09745112a2e091735138699c4a53d572e789667f59c5bfe2f32e69b408b055fbb1exe MarsStealer
2024-10-18 22:34:45d3e273f638b153e86b7b11aba1b8554e66ef4c000d2304527df909637ac83a90exe CredentialFlusher
2024-10-18 22:00:44d554febd0aa2aaf2b863d2a4e698b6aade8f6a89ec0c2f4f7a77aa51d1d37c5dexe Amadey
2024-10-18 19:38:295827945a1fdf356e81e5e2d702a2f0e1f4745a5511667c27d791f44e2da32473exe Amadey
2024-10-18 19:15:44119b89df2b6535ac5ff5f33da1e1de1099764cf0216f5d58390d5ee20fa19f97exeStealc
2024-10-18 18:48:31ad1c5ccefdebe96303be252e4109bb8e8e8747c4694d28fe802c260d3d858bd3exeMarsStealer
2024-10-18 18:39:1880563829fbad0211a3ac8287c568bb00aca56abcd9afe8926e5523c07aacc864exeCredentialFlusher
2024-10-18 18:16:12e6fdd299d8c77c150ae5bcd16d0d8e00d0f3e5f17082e2fb0b602e7955af5889exeCredentialFlusher
2024-10-18 16:25:29950e11c10a48346548a16423e35449aa287783af324c02fe9b23c861f9e2dfacexe CredentialFlusher
2024-10-18 14:36:24a430b651d8d5e7f7a801122ee5c8608a8b766cf87447119f153a8a44940529bfexeMarsStealer
2024-10-18 14:36:037c9967cda199d3806a18d175bb5d93c446983c5f1bf7022885c16e6c8b3ed421exe Amadey
2024-10-18 13:54:553acf89fbff7a92cef2d93c0289f41386899a519b5c399fedad145c67af2c9972exe CredentialFlusher
2024-10-18 13:33:114a5ac977416f402bc4d5f8e86c297534c80c2200bef6dc478dd7c068a169bcaaexeStealc
2024-10-18 12:26:487e8edf4c5fbdfbe330d915254add6c2b8e89e76f65717d26c59089ac5de9c173exe Amadey
2024-10-18 10:54:25204c6f5f91619da30a5b6b5fa248c00479781e965b015f8b92e88bcc18f0b53cexeMarsStealer
2024-10-18 10:46:06b2ca339348b96f44332e793a4a47f042adb585a11e3bf7646af5cbdf9d09b406exeMarsStealer
2024-10-18 09:46:05d6c36db5b37101e2db21593765dd41497b4e3eb9ed8bec577189db6bc4c1228eexe CredentialFlusher
2024-10-18 09:21:1955f3f3149d53221caaaff0ade5493c3d122edd3e4c954d609707323cf3718cdeexeAmadey
2024-10-18 07:41:4465e7fa45610fb8431b953ec50cf4ea0423936a9cb36e0b2aa194437c2756aa64exe Amadey
2024-10-18 06:14:4152cc7575a5d77f0e85112b655e18b22ed2f93d094a8f71a08ef9f41fb34e696aexeMarsStealer
2024-10-18 05:08:180f5d70a5a68b6555a38e7f3dbc8cdddca0154dc00b8b69514ac8721512f7e439exe CredentialFlusher
2024-10-18 03:53:05a74027cd26c4f2e4de8eff7a975fb47422b7a10880a91fdfa5c0ae8f69464f56exe Amadey
2024-10-18 03:38:25301a01d90f184a563152692601db249a6f0da1ce42b1a0c9f447381d060d4ce0exeMarsStealer
2024-10-18 03:02:364b30f946b1d5f4f1079a5256a182f44dd86b1010792fe2f7c135950f151470efexe CredentialFlusher
2024-10-18 02:26:02a3794b1157f09dc2fd949819b11fec054f2b1d91aebe709229110c7497388f8eexeMarsStealer
2024-10-18 00:21:37b87982c116619d874f796255567dd246b845966f9a15fa7b89ce9f2f9436a99dexe CredentialFlusher
2024-10-18 00:00:23ba2705c0de920836f53280e52a0277851b091dda4936ae3bee69e6e16afc29b2exe Amadey
2024-10-17 22:52:38c31b55dad459662e001ecdb87112184a31241a406e4820a649378f11ea5f4828exeMarsStealer
2024-10-17 22:23:21cf4276632e0ca8e939fecf5c9ff5333dc052a7bcbd492ea42daee00826a6445dexeCredentialFlusher
2024-10-17 21:38:1418730c41b83d1cd89ca9186d31cc2d88b9cb434f2a3a71014e44b2c0c00a076aexe Amadey
2024-10-17 20:26:2963463739317a1ed961a283d0e8637e6502cc3a0e6d333d42d9843dfb5188219dexe Amadey
2024-10-17 19:57:426d58a785d4a59f244c03ee0a3f801fe5ee5c0eef4979925af2c86dac5af162c0exeMarsStealer
2024-10-17 18:49:47e8514f76167e4a936cb10f853d7b5fc0e8c8b7cf61fc49c3b62e776b7fb09c85exeCredentialFlusher
2024-10-17 17:43:545f0615746e2e7ac226889e7e86f773dbc46cfd78fca042ef851cae2f9968d748exeStealc
2024-10-17 17:17:09c851d78604b1ab3c5415739eaf2d22383fbb4d440d6a7044f85888bcc4c80fd7exe CredentialFlusher
2024-10-17 16:52:270c30d4c02fe2d4d03e18e6721ef8ec352b3734e70d826adf6fc419284ba4c4e4exe Amadey
2024-10-17 16:34:23f0602098a01c89e7019805fefab30e135d72ea9827da29fdb1c4b6ad5735dfe6exe CredentialFlusher
2024-10-17 16:17:500f299402f16d180d828145b883c30877c0ac28e63e27e1b38a2384c4f7fc57f7exe Amadey
2024-10-17 14:24:17585aa961f040060a6602467e36be71717e80cb9d94a6f1753d8d09e2592a781dexe CredentialFlusher
2024-10-17 13:37:45f83a03286326a37c2b3302db516dc4225f3c271d5989684ee8b41c1b2f5046cfexe Amadey
2024-10-17 12:34:599a30602027dae451db62a56ec35407da31fd3c906e043784fc8e07787689eb39exeMarsStealer
2024-10-17 11:55:29dcc242abb9ecdd338d64c89bff1d1e596503f821af9dcc47ed85f46a9125ba5bexeStealc
2024-10-17 11:24:065e8ec4ad99edcc5c76047143a6c0f10182b329b42118106ff98aea97deb4d134exe Amadey
2024-10-17 10:42:1455fd65f82d8204e76515cfed14eb260282a7675d2cad582c6427d6375ee3dff8exe CredentialFlusher
2024-10-17 10:18:47b41a23390fdd4a912710dce9cf9585daed3ef95f06ebf96820f86a3fa8b46a0dexe Amadey
2024-10-17 10:09:109aa48c5a6c9a12a13879bfa3155e70aa22d1ef9c5c8afb15c07b150d5560a0caexeMarsStealer
2024-10-17 09:36:508c46062524d4d79d7a670b3bb0746a1f86cfe72bf93239ddca3abad4f7c37e73exe CredentialFlusher
2024-10-17 08:21:288bd2fe3bf67175888109452fcba5b14151bf154dc25cab07bf487ddc1d937a8dexeMarsStealer
2024-10-17 07:35:011baea8bd7a6df390b9bd77ce75f6ab87190faf2d399152b742464b917ad29665exe Amadey
2024-10-17 06:58:15ef3cc71cfca8171d62d8d17c127390e0c8c2afc1538bff1e1aaef7d6fe8755bbexe CredentialFlusher
2024-10-17 06:02:20ffde571d5d013df0ccf73fcbc25685a3d3ff4e1b584e8d82e01c75b988573bdeexe Amadey
2024-10-17 03:25:03382543e9c2a35ef39ae93bcc064583be87e81104a551ee9fa0a9ae5c03b23e50exeMarsStealer
2024-10-17 03:04:00821cd5b8c2d181f93949a3ca3a0b9a6c4dba338d9e5ddcc7981c565a068cdf3cexe  
2024-10-17 01:18:32ea5200241e170fb0d67fa570bab915bf8d94b99c86bf699b40b30fca200b7753exe CredentialFlusher
2024-10-17 00:08:5843a7e81dbc108badea1cdbfd26a27d00d850ff166c65528aa01994d6fa3d5759exe Amadey
2024-10-17 00:05:00509e6a2257a35c4010c497bb0f3696310fc6846442a5655ad1e712c43bfb1e10exeMarsStealer
2024-10-16 23:15:191a94676eac7f165e6d7305c7af0a591cf7fb0b8364888d02d4cbf7363144e303exe CredentialFlusher
2024-10-16 23:04:4456e83fec3d675b79a4de81914642641608d800a4036f011fd0706486d6d29cb1exeMarsStealer
2024-10-16 22:19:3097f278c27291af0755950b12d9d8cddb794aac9958ca35814c77fdcc6a0259acexe Amadey
2024-10-16 21:03:220fa91c69dfa558d05dac5869f15e3e2c1f87703e0b4bd53ef50216ffbde37934exeMarsStealer
2024-10-16 20:52:13333abda0e19977f138c3b599ebb94ef4f6e67f463d77fea6b87a89a045b30e47exe Amadey
2024-10-16 20:21:070fe0c58632d35e057c4e0eb308d2042ff85117d1d79c50a5457d6c7703d15589exe CredentialFlusher