URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	2.58.149.200
Firstseen:	2022-03-22 16:26:03 UTC
Total malware sites :	22
Online malware sites :	0 (0%)
Offline Malware sites :	22 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-03-22 16:26:33	2.58.149.200		Not listed	AS212238 CDNEXT	NL	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-06-24 05:42:04	http://2.58.149.200/somx.exe	Offline	exe Loki	abuse_ch
2022-06-23 10:32:04	http://2.58.149.200/evalax.exe	Offline	32 AveMariaRAT exe	zbetcheckin
2022-06-22 22:13:03	http://2.58.149.200/venta0.exe	Offline	32 exe SnakeKeylogger	zbetcheckin
2022-06-17 13:53:03	http://2.58.149.200/32/mbo.exe	Offline		c_APT_ure
2022-06-14 08:06:03	http://2.58.149.200/bdel.exe	Offline	32 AgentTesla exe	zbetcheckin
2022-06-13 21:44:05	http://2.58.149.200/nedx.exe	Offline	32 AgentTesla exe	zbetcheckin
2022-06-13 20:13:04	http://2.58.149.200/mbo.exe	Offline	32 AgentTesla exe	zbetcheckin
2022-06-13 08:54:04	http://2.58.149.200/explot/mob/mobd.exe	Offline		c_APT_ure
2022-06-13 08:54:03	http://2.58.149.200/explot/doc/docv.exe	Offline		c_APT_ure
2022-06-09 07:54:04	http://2.58.149.200/nedsx.exe	Offline	exe SnakeKeylogger	abuse_ch
2022-06-09 07:53:03	http://2.58.149.200/sNop.exe	Offline	AveMariaRAT exe rat SnakeKeylogger	abuse_ch
2022-06-09 07:53:03	http://2.58.149.200/rcwpQWE1.exe	Offline	AveMariaRAT exe rat	abuse_ch
2022-05-26 02:13:04	http://2.58.149.200/Lifeleaf2.exe	Offline	32 exe GuLoader	zbetcheckin
2022-05-24 23:27:03	http://2.58.149.200/explot/gob/gavac.exe	Offline	32 exe Loki	zbetcheckin
2022-05-24 19:49:04	http://2.58.149.200/explot/ab/abl.exe	Offline	32 exe Loki	zbetcheckin
2022-05-24 18:56:04	http://2.58.149.200/explot/ebguy/ebug.exe	Offline	exe Loki opendir	abuse_ch
2022-05-01 04:26:03	http://2.58.149.200/explot/agu/agu.exe	Offline	Loki lokibot	pr0xylife
2022-04-28 06:59:04	http://2.58.149.200/explot/mob/mebx.exe	Offline	exe Loki	abuse_ch
2022-04-28 06:59:04	http://2.58.149.200/explot/ned/nedx.exe	Offline	exe Loki	abuse_ch
2022-04-12 12:02:04	http://2.58.149.200/explot/ebguy/sanx.exe	Offline	exe Loki opendir	abuse_ch
2022-03-23 09:54:03	http://2.58.149.200/explot/ned/nd.exe	Offline	AgentTesla exe	abuse_ch
2022-03-22 16:26:33	http://2.58.149.200/explot/mob/mob.exe	Offline	AgentTesla exe	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-07-06 07:41:59	f3d286d8a5034375b26d246fbe6c52ae805168a6a5a9fe64e8354ad0886d0e11	exe	AgentTesla
2022-07-05 17:40:05	1b4be95bfee9339ccccf401c3f20090a9945bbd80c6ba480315db116cb46b6dd	exe	AgentTesla
2022-06-24 05:42:04	e99f0195f624b2fa3304e3449916bb65bbcba86838a23020bd49cefa1b10065d	exe	Loki
2022-06-23 10:32:04	0e4ad18e1078eccf7911e552ca943984c583c1efe7fa4672dbaa9ee6fc759424	exe	AveMariaRAT
2022-06-22 22:13:03	b3c1d0252adba6ec3d9209c8e79e934ae8a43d3b8f6bc1e1f29df40d6fedf04e	exe	SnakeKeylogger
2022-06-14 08:06:03	5b960ec264664c624798db69996efaee5a732557ee3ac8f6b9717233e073c0af	exe	AgentTesla
2022-06-13 21:44:05	5115d6bc2463203dc0ec2fcda3ca9a3c4e17892d6c79053d9c748cd752966a31	exe	AgentTesla
2022-06-13 20:13:04	a0ccc4fe9ce9e08e5cba330fdb9e824c4712b9388c035e2caac957d64580db37	exe	AgentTesla
2022-06-09 07:54:04	f28ffd61c5a3328550372b96d415ec112a6065c88821a519b50c4355df80a346	exe	SnakeKeylogger
2022-06-09 07:53:03	08bbf746d956d22bbb5068c212f3e743538d20e51d7bc14b075361cd4eadaa5d	exe	SnakeKeylogger
2022-06-09 07:53:03	87d3f9671d02f12f33c3856593bd3568b0b1932e5b263fc9035f8006f1b23d7b	exe	AveMariaRAT
2022-05-26 02:13:04	1be03967a615254ca0b3eba8b5aaa6b5f5c91c9f03d4fe2692b3675f93c0b26d	exe	GuLoader
2022-05-24 23:27:03	733fe12344bc6e3ee3220031671c15d312007ff1d664a8f54ba7d98cbf0610ef	exe	Loki
2022-05-24 19:49:04	51fcaaed0a9b1ed4b45d70828527990da0b6dd7f17938383e0cbd931376702a0	exe	Loki
2022-05-24 18:56:03	f0d331eae40b27d0c64cbaea0e09e423f5872fbdef8b36e7cf4ea4295ca47acf	exe	Loki
2022-05-01 04:26:03	87bfad2cfa3d233cd6e5ee781bde7ffd9355131993ea1bb3f9412e58125c8ea9	exe	Loki
2022-04-29 08:23:41	34233068e267ac561ccd8ee82c42d87f572ab92c6d54c48d35c2d6e87a90c3bd	exe	Loki
2022-04-28 06:59:04	92896afd836208b63ec1d1e850a5b5278de069772f3dc638de35cdc69aa9102c	exe	Loki
2022-04-28 06:59:04	e891522137cc5ea74e8c3576cdc3a8a8114ca4bc379b7c7b48896d3e5d553b31	exe	Loki
2022-04-12 12:02:04	5833bb5b323155bc7055ccec5ce39e093901b609ccde004f104857abca656c3a	exe	Loki
2022-03-24 10:05:43	ee6901e9c2d103989b74a55d91b9cf734b19a177daf8f8561e0d805bf5544e6e	exe	AgentTesla
2022-03-24 09:51:41	0d1a7b5c97ef2fd1275597ba27759208cb2540b4675837a14c86bef5d4effa1c	exe	AgentTesla
2022-03-23 09:54:03	e8113cb73f2c87ceece965da48e6f55a222fa92c6800c069babe30dfd76db633	exe	AgentTesla
2022-03-22 16:48:28	8e655c6ae80c8d8ea8c4adc15ac7aded61dac1126faa674a0ef1665df616bc9f	exe	AgentTesla