URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: 193.124.22.8
Firstseen: 2022-05-24 15:09:02 UTC
Total malware sites: 14
Online malware sites: 0 (0%)
Offline malware sites: 14 (100%)

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active?
2022-05-24 15:09:05 | 193.124.22.8 | | Not listed | AS26383 ASNET | - LV | yes

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC) | URL | Status | Tags | Reporter
2022-07-23 15:55:06 | http://193.124.22.8/damn.exe | Offline | exe RedLineStealer ext | abuse_ch
2022-07-19 15:38:05 | http://193.124.22.8/xiaomi.exe | Offline | exe RedLineStealer ext | abuse_ch
2022-07-12 21:04:05 | http://193.124.22.8/copy.exe | Offline | 32 exe RedLineStealer ext | zbetcheckin
2022-07-04 18:44:04 | http://193.124.22.8/summer.exe | Offline | 32 exe RedLineStealer ext | zbetcheckin
2022-07-02 00:26:03 | http://193.124.22.8/kaper.exe | Offline | 32 exe RedLineStealer ext | zbetcheckin
2022-06-30 00:14:04 | http://193.124.22.8/salo.exe | Offline | 32 exe RedLineStealer ext | zbetcheckin
2022-06-09 15:48:05 | http://193.124.22.8/forto.exe | Offline | exe RedLineStealer ext | vxvault
2022-06-04 02:35:05 | http://193.124.22.8/salsa.exe | Offline | 32 exe RedLineStealer ext | zbetcheckin
2022-05-30 04:40:33 | http://193.124.22.8/samka.exe | Offline | 32 exe RedLineStealer ext | zbetcheckin
2022-05-25 07:38:04 | http://193.124.22.8/lovera.exe | Offline | ee RedLineStealer ext | abuse_ch
2022-05-24 15:10:06 | http://193.124.22.8/solana.exe | Offline | 32 exe RedLineStealer ext | zbetcheckin
2022-05-24 15:10:06 | http://193.124.22.8/end.exe | Offline | 32 exe RedLineStealer ext | zbetcheckin
2022-05-24 15:10:06 | http://193.124.22.8/camera.exe | Offline | 32 exe RedLineStealer ext | zbetcheckin
2022-05-24 15:09:05 | http://193.124.22.8/demon.exe | Offline | 32 exe RedLineStealer ext | zbetcheckin

The table below shows recent payloads delivered by this host.
