URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 198.12.107.117
Firstseen:2021-09-17 18:24:02 UTC
Total malware sites :10
Online malware sites :0 (0%)
Offline Malware sites :10 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2021-09-17 18:24:04 198.12.107.117198-12-107-117-host.colocrossing.comNot listedAS36352 AS-COLOCROSSING- USyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2021-11-24 18:26:03http://198.12.107.117/70007/vbc.exeOfflineAgentTesla ext exe Neshta opendir abuse_ch
2021-10-05 09:53:04http://198.12.107.117/winx/vbc.exeOffline32 exe Neshta zbetcheckin
2021-10-05 09:44:04http://198.12.107.117/invoice/gyty.wbkOfflineAnonymous
2021-10-05 09:44:04http://198.12.107.117/0789/vbc.exeOfflineFormbook ext Neshta Anonymous
2021-10-05 07:01:04http://198.12.107.117/8570/vbc.exeOfflineexe Formbook ext Neshta opendir abuse_ch
2021-09-17 21:09:08http://198.12.107.117/excel/vbc.exeOffline32 exe Formbook ext Neshta zbetcheckin
2021-09-17 21:09:05http://198.12.107.117/wd/vbc.exeOffline32 exe Formbook ext Neshta zbetcheckin
2021-09-17 21:09:05http://198.12.107.117/word/vbc.exeOffline32 exe Formbook ext Neshta zbetcheckin
2021-09-17 20:57:04http://198.12.107.117/av/vbc.exeOffline32 exe Formbook ext Neshta zbetcheckin
2021-09-17 18:24:04http://198.12.107.117/winz/vbc.exeOfflineexe Formbook ext Neshta opendir abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2021-11-24 18:26:0333702123367a61205015471b83b3746161f9b85b0a5106bdee6f7b7bf18d65c0exeNeshta
2021-10-06 10:19:13934615bde495d4cbbfd0178c6eea46804cb19a447db1a8781bb43c5986012cbbexeNeshta
2021-10-06 10:18:22934615bde495d4cbbfd0178c6eea46804cb19a447db1a8781bb43c5986012cbbexeNeshta
2021-10-05 09:53:041a0e2480076fc22a18ad51c79af447258a2615da953058a46b938d84ca6603a4exeNeshta
2021-10-05 09:44:0421350c749a15b06efda33cae533086eab02ef83685d539556407633676de94bbexeFormbook
2021-10-05 09:44:044fe2dad2a4aa831e4c64fed6a52949e7d9eff9dee767efe9ff91ccfc1eb00dc7unknown  
2021-10-05 07:01:0421350c749a15b06efda33cae533086eab02ef83685d539556407633676de94bbexeFormbook
2021-09-26 08:31:041a0e2480076fc22a18ad51c79af447258a2615da953058a46b938d84ca6603a4exeNeshta
2021-09-26 08:30:48515f1994cd7f6a4e2a5e642f6905d9897e22abceaaaf235a2bb3ed7835818874exeNeshta
2021-09-26 08:29:10a0a1e9b62191e07ea98956e62287d3a9fadc0b6dbd7d6e60a755d2396b35fad6exeNeshta
2021-09-26 08:24:04a0a1e9b62191e07ea98956e62287d3a9fadc0b6dbd7d6e60a755d2396b35fad6exeNeshta
2021-09-26 07:58:18515f1994cd7f6a4e2a5e642f6905d9897e22abceaaaf235a2bb3ed7835818874exeNeshta
2021-09-17 21:09:0804e98a900ca361b68ebcfbad6453ddc626d93c8afb13916c18dd0e9648187566exeFormbook
2021-09-17 21:09:0504e98a900ca361b68ebcfbad6453ddc626d93c8afb13916c18dd0e9648187566exeFormbook
2021-09-17 21:09:05a41ba93183d03c4cf6b138170fab1d15c306918bb4acd1c2cbc3ee53765e5564exeFormbook
2021-09-17 20:57:04a41ba93183d03c4cf6b138170fab1d15c306918bb4acd1c2cbc3ee53765e5564exeFormbook
2021-09-17 18:24:044e18d364c4fa2db105557cf8105e5e3d77c9d7a06590b4f897051f99014da5beexeFormbook