URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	194.49.94.97
Firstseen:	2022-12-02 08:45:06 UTC
Total malware sites :	15
Online malware sites :	0 (0%)
Offline Malware sites :	15 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-12-02 08:45:12	194.49.94.97		Not listed	AS213035 AS-SERVERION	BG	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-11-24 14:43:06	http://194.49.94.97/ww/installation_speed.exe	Offline	dropped-by-PrivateLoader Lumma LummaStealer	andretavare5
2023-11-24 09:17:06	http://194.49.94.97/ww/ffs.exe	Offline	dropped-by-PrivateLoader eternity RedLine RedLineStealer	andretavare5
2023-11-22 13:03:05	http://194.49.94.97/ww/1.exe	Offline	dropped-by-PrivateLoader RedLine RedLineStealer	andretavare5
2023-11-15 01:11:08	http://194.49.94.97/test/crypted.exe	Offline	32 exe RedLineStealer	zbetcheckin
2023-11-14 07:59:07	http://194.49.94.97/download/Service_32.exe	Offline	dropped-by-PrivateLoader PrivateLoader	andretavare5
2023-11-07 08:11:07	http://194.49.94.97/download/ext/taskman.png	Offline		JAMESWT_MHT
2023-11-07 08:11:07	http://194.49.94.97/download/rise/StealerClient...	Offline	risepro RiseProStealer	JAMESWT_MHT
2023-11-07 08:11:07	http://194.49.94.97/download/rise/StealerClient...	Offline	risepro RiseProStealer	JAMESWT_MHT
2023-11-07 08:11:07	http://194.49.94.97/download/ext/taskman.jpeg	Offline		JAMESWT_MHT
2023-11-07 08:10:26	http://194.49.94.97/download/WWW14_64.exe	Offline	PrivateLoader RedLineStealer Smoke Loader	JAMESWT_MHT
2023-11-07 08:10:23	http://194.49.94.97/download/ext/cute_goats.jpeg	Offline		JAMESWT_MHT
2023-11-07 08:10:21	http://194.49.94.97/download/ext/cute_goats.png	Offline		JAMESWT_MHT
2023-11-06 12:16:07	http://194.49.94.97/download/Services.exe	Offline	dropped-by-PrivateLoader PrivateLoader	andretavare5
2022-12-03 03:57:04	http://194.49.94.97/oso/fbuche.exe	Offline	exe Formbook	jstrosch
2022-12-02 08:45:12	http://194.49.94.97/oso/fbhans.exe	Offline	exe Formbook	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2023-11-24 14:43:06	92abdb4b98aada22772501d4fa60457184ad5a71e07667f06ebd2e9aef53a6b6	exe	LummaStealer
2023-11-24 09:52:12	172c25ce4a5916f38026250b5799b318751216eb858a6b1230b039527115af52	exe	Smoke Loader
2023-11-24 09:17:06	c6fbb7022c7beb3b4c840cb4d46b35f237a29ef70d6c400e673eedc55698d3c4	exe	RedLineStealer
2023-11-24 00:08:04	739219ab2729b639d38c00e92f9e80aebc3073a353a0ed135fe65d5fa5130261	exe
2023-11-23 11:34:03	99c7f829c90f7086b2092834ebe55a66b442bda9edd63b3ee553a70caf9993dc	exe
2023-11-23 11:21:53	8567834f78a0d21d37387da756af49e40dd379d46b4a556d689d00e9292498fc	exe	RiseProStealer
2023-11-23 11:03:58	b164abb77d90760b780f7373370a8ca068a56cbbf7366404d7add38a9eef7b2a	exe
2023-11-23 10:45:55	c116225b7787310fde18c8c0a9d9c01667f57f41174fdf5c8c56fab56f689990	exe
2023-11-23 10:25:22	57ac0b79b98d29972b32b1029514429658e0d1022c0d8419a63fb46fe57dccff	exe
2023-11-23 09:52:20	84e08a8f04c1518ad6dd6f5493d3afe48571916b46f504a08b208375657ab900	exe
2023-11-22 13:03:05	e3ba3128521529aa94345e7afbff46bee7a4c38eadce2e4f3a931afb22fad365	exe	RedLineStealer
2023-11-15 01:11:08	525b154b2bae8eda0627e58af0dbeaceda5cd83589a7d697700a9bc9780d8940	exe	RedLineStealer
2023-11-14 07:59:07	2cb5b2678054dd2f1b93d37a96b927830c4a7da699f061adee370807088257de	exe	PrivateLoader
2023-11-14 06:27:00	d61c704820a6336a6e625f5f6800c56755c030fd4c16d749648eeb2196bdd85a	exe	RiseProStealer
2023-11-14 06:06:38	5f9b962629b3eabbf190c2e0982062e3d795261cc209477e88f1d8c6ba016b08	exe	RiseProStealer
2023-11-14 05:17:07	9713f8c775f3ad83ffbb0987c83f7dc5bbc8646290c4a84c77e225d1d486969c	exe
2023-11-12 17:48:49	76961b32dfaa92f07b0cdf92f0b45c7e3c9acde075aeb30197e56bd3cce4c6af	exe	PrivateLoader
2023-11-07 08:11:07	2f5370312110028e933cdcb12b331523010b79293fc924ec3ff316ffcafdef23	exe	RisePro
2023-11-07 08:11:07	e9b536aa0db7a67f4ac4c3aaf2dbc0063da7494f83a93805cfc8ad8cf1278d06	crx
2023-11-07 08:11:07	a831bdc4cc298ed6563d6b3c1b0124dd4efdb71fc00af3f0a4894c1dd334350f	exe	RisePro
2023-11-07 08:11:07	a0f686dbb672bc46820508a35b5f8b16d0b6b55e9db5fa75ac0c88323206a05f	json
2023-11-07 08:10:26	1f0a1a7674ad868c99421fc13b0457de7ab612ca5948ae7cd045db355720e1fd	exe	RedLineStealer
2023-11-07 08:10:22	f0e8b7edf6de351ce20523a139205cc8adc8321a1dc932ebb8e8fb0206b55e18	crx
2023-11-07 08:10:20	247194daa85b200be352b03689ccfa68d3a5d4a0ca5a47f6f91f39a90d417b73	json
2023-11-06 12:16:07	c6185a23c51b8ac77e6c1bdf2cd4a8d39b02af8b8027d4162cf9766d19cf87c8	exe	PrivateLoader
2022-12-03 03:57:04	0646127a521c320e61c31e4ae2c035e53438d7ff8d25e28cd7150367f40d9504	exe	Formbook
2022-12-02 08:45:06	3cfd81b824673a6ba23d472bd09d5e7610a3346cce6f23956507af5eab63c012	exe	Formbook