URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 213.111.156.64 |
|---|---|
| Firstseen: | 2025-12-19 11:42:07 UTC |
| Total malware sites : | 7 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 7 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-12-19 11:42:09 | 213.111.156.64 | dedicated.sollutium.com | Not listed | AS43641 Sollutium-NL |  NL | yes |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2025-12-19 11:43:06 | http://213.111.156.64/d/licensecheck.bin | Offline | shellcode ua-wget |  NDA0E |
| 2025-12-19 11:42:09 | http://213.111.156.64/d/ranresrefl.dll | Offline | BlackMatter dll ua-wget | NDA0E |
| 2025-12-19 11:42:09 | http://213.111.156.64/d/rr.exe | Offline | BlackMatter exe ua-wget | NDA0E |
| 2025-12-19 11:42:09 | http://213.111.156.64/d/LB3_pass.exe | Offline | exe lockbit ua-wget | NDA0E |
| 2025-12-19 11:42:09 | http://213.111.156.64/d/exchsync365.exe | Offline | AdaptixC2 exe ua-wget | NDA0E |
| 2025-12-19 11:42:09 | http://213.111.156.64/d/Program.exe | Offline | AdaptixC2 exe ua-wget | NDA0E |
| 2025-12-19 11:42:09 | http://213.111.156.64/d/clinfossl.exe | Offline | AdaptixC2 exe ua-wget | NDA0E |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2025-12-19 11:43:06 | 9625ef6d77e079902330f253878dba4cab870889d365036c5f82c35ed73cb200 | unknown | ||
| 2025-12-19 11:42:09 | cd6d48db36adc645d60d4e68e6e154f08e4645eaef277c373ee116ae3bf29813 | dll | Ransomware.BlackMatter | |
| 2025-12-19 11:42:09 | e90bd4ffc09f362b480fd8b751fc055476bb250e33236230d5058bc73c04ee36 | exe | Ransomware.BlackMatter | |
| 2025-12-19 11:42:09 | a61687dca6e71baa451a3ba677299af8c0b8d576f7e348609aa43162ca550dc3 | exe | Ransomware.LockBit | |
| 2025-12-19 11:42:09 | 7e94fe9333f37a25dc0dd9491e29c04c68c5181618bc39ea5d9410d64f8b1459 | exe | AdaptixC2 | |
| 2025-12-19 11:42:09 | d14c1ff21cff2e09671b636d1fd7667c434d8b3a8c02fbba9f9a987af7cb4fe2 | exe | AdaptixC2 | |
| 2025-12-19 11:42:09 | 1c72af27762f9c18e927caea93182d1895086f7d64e2af6d0197984e5220ed8e | exe | AdaptixC2 |