URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	194.49.94.120
Firstseen:	2023-11-13 07:45:07 UTC
Total malware sites :	10
Online malware sites :	0 (0%)
Offline Malware sites :	10 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-11-13 07:45:31	194.49.94.120		Not listed	AS213035 AS-SERVERION	BG	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-11-21 04:33:10	http://194.49.94.120/TrueCrypt_ptqlwc.exe	Offline	64 exe RedLineStealer	zbetcheckin
2023-11-20 06:25:16	http://194.49.94.120/TrueCrypt_gHOteF.exe	Offline	64 exe Smoke Loader	zbetcheckin
2023-11-18 05:16:12	http://194.49.94.120/TrueCrypt_ypAWBs.exe	Offline	64 exe LummaStealer	zbetcheckin
2023-11-18 02:52:11	http://194.49.94.120/TrueCrypt_KlHkcF.exe	Offline	64 exe RedLineStealer	zbetcheckin
2023-11-17 12:47:11	http://194.49.94.120/TrueCrypt_vlBfql.exe	Offline	dropped-by-SmokeLoader RedLineStealer	Casperinous
2023-11-17 06:49:04	http://194.49.94.120/TrueCrypt_TANEZr.exe	Offline	exe	dms1899
2023-11-15 00:23:16	http://194.49.94.120/TrueCrypt_lDwnwJ.exe	Offline	64 exe LummaStealer	zbetcheckin
2023-11-14 16:02:13	http://194.49.94.120/TrueCrypt_yhvFvl.exe	Offline	dropped-by-SmokeLoader LummaStealer	Casperinous
2023-11-14 08:21:15	http://194.49.94.120/TrueCrypt_KSfcnd.exe	Offline	dropped-by-SmokeLoader RedLineStealer	Casperinous
2023-11-13 07:45:31	http://194.49.94.120/TrueCrypt_tvCfZF.exe	Offline	dropped-by-SmokeLoader RedLineStealer	Casperinous

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2023-11-21 04:33:09	eddca180dad09d4696d073062e6918ec312cdc4d702f60792103bd972ad8b237	exe	RedLineStealer
2023-11-20 06:25:16	ffa4c275493b09b2d8cc6cc49eda4e13078365415b6890e0762b002f823029ec	exe	Smoke Loader
2023-11-18 05:16:12	9238c171562445544ce308adc17671989161094ce95d984bda7c3a7d8b92136b	exe	LummaStealer
2023-11-18 02:52:11	8e84c3f1e414895725a5960853eb72990a02c488d76ab5c65ced8a539dce2ecd	exe	RedLineStealer
2023-11-17 12:47:11	16c61a49974e3e90f1c0514b86cdb70e4464ef0aa1620ee18d30233985ebcbd9	exe	RedLineStealer
2023-11-15 00:23:16	ff8973e265cde0ecfc91cb81ae4af75946b2cfcaa772b5cd1390c176e788175f	exe	LummaStealer
2023-11-14 16:02:13	c309b4f0f99e1686e9bc954da81701b3fd26cfccd17627cde55df929fb712311	exe	LummaStealer
2023-11-14 08:21:15	4f3d3b8e805a031fe8eeb47dca418fcbcade5d0190ecdee8930e942c9b4028ea	exe	RedLineStealer
2023-11-13 07:45:31	8f572436d4a7b8ea6f2a3e0cb987fb609afb575133d706938c9fd4b4a3117d2d	exe	RedLineStealer