URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	45.43.36.223
Firstseen:	2024-12-16 17:18:04 UTC
Total malware sites :	19
Online malware sites :	0 (0%)
Offline Malware sites :	19 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2024-12-16 17:18:07	45.43.36.223		Not listed	AS135377 UCLOUD-HK-AS-AP	TW	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-01-09 12:50:08	http://45.43.36.223/x864433.elf	Offline	backdoor elf GetShell	Joker
2025-01-03 17:16:08	http://45.43.36.223/hr.exe	Offline	exe	BlinkzSec
2025-01-03 12:43:19	http://45.43.36.223/m/mode11_N1Fz.exe	Offline	CobaltStrike malware opendir trojan	Joker
2025-01-03 12:43:19	http://45.43.36.223/m/mode11_AKUh.exe	Offline	CobaltStrike malware opendir trojan	Joker
2025-01-03 12:43:19	http://45.43.36.223/m/mode11_CBNx.exe	Offline	malware opendir trojan	Joker
2025-01-03 12:43:19	http://45.43.36.223/m/mode11_0HVJ.exe	Offline	CobaltStrike malware opendir trojan	Joker
2025-01-03 12:43:19	http://45.43.36.223/m/mode11_UVo6.exe	Offline	CobaltStrike malware opendir trojan	Joker
2025-01-03 12:43:14	http://45.43.36.223/m/mode11_6dMu.exe	Offline	malware opendir trojan	Joker
2025-01-03 12:43:14	http://45.43.36.223/aarch643308.elf	Offline	malware meterpreter opendir	Joker
2025-01-03 12:43:13	http://45.43.36.223/m/mode11_qLf2.exe	Offline	CobaltStrike malware opendir trojan	Joker
2025-01-03 12:43:11	http://45.43.36.223/m/mode11_buqd.exe	Offline	CobaltStrike malware opendir trojan	Joker
2025-01-03 12:43:10	http://45.43.36.223/m4455	Offline	malware meterpreter opendir	Joker
2025-01-03 12:43:09	http://45.43.36.223/45678.elf	Offline	malware meterpreter opendir	Joker
2025-01-03 12:43:05	http://45.43.36.223/arm3307	Offline	GetShell malware meterpreter opendir	Joker
2025-01-03 12:43:05	http://45.43.36.223/5544x64.elf	Offline	ConnectBack malware meterpreter opendir	Joker
2024-12-16 17:18:08	http://45.43.36.223/m	Offline	malware meterpreter opendir	Joker
2024-12-16 17:18:08	http://45.43.36.223/svchostinter.exe	Offline	CobaltStrike malware opendir	Joker
2024-12-16 17:18:07	http://45.43.36.223/3344.bin	Offline	malware meterpreter opendir	Joker
2024-12-16 17:18:07	http://45.43.36.223/3344.exe	Offline	malware Metasploit opendir	Joker

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-01-09 12:50:08	198a0922f19f098abb5800a89f581aab8021e74d7b824156a3027b7f3c0e7048	elf	GetShell
2025-01-03 17:16:08	5e6358f4f3996d0431d1d4aaae4dc1bb2d90d9a160ec9e1ff106b9e97f2cde60	exe
2025-01-03 12:43:19	d49c2451497109ae9f2646d06aa6dcf51b0f6af825d07f516b8dd59c03602401	exe	CobaltStrike
2025-01-03 12:43:19	899c529454c4286185a9d3c039277ce28957590e7ed3e586ccf1487317159c22	exe	CobaltStrike
2025-01-03 12:43:19	f94f93b481fe7819ff46614f0025eb661bb863b9579958c3b408fdf941ad2efc	exe
2025-01-03 12:43:19	3625fddc2687c086d6d4a4300b03d4a2492acf8e843697f57830bb40956f495a	exe	CobaltStrike
2025-01-03 12:43:19	ef1967d9e33cbed9f12a504bdc642c9c12cfbac79a4421617f32e1aa2dc82c6f	exe	CobaltStrike
2025-01-03 12:43:14	cf2079cf272342785f58c393d5013ec99184324549f93c144f79564d106d5e98	exe
2025-01-03 12:43:13	e1b6bd9876ca534e99b28403661e09b7a1ab7dac706df3962a0c975ba5b9e8ec	exe	CobaltStrike
2025-01-03 12:43:13	4b382d5cd06a3d6d2cb8448927a465c1202f45441b9b2403005c47509c79e768	elf	Meterpreter
2025-01-03 12:43:11	4a3341b1a681826f08bc9ec90ca24459826bb28f909030ba522d5ae2c92467d7	exe	CobaltStrike
2025-01-03 12:43:10	314ff804868ba165d60ca94b2cc6b161cc35f52cd1022b2e9533ea7dded93bd8	elf	Meterpreter
2025-01-03 12:43:08	dd8aa084083b7c1dc1596cc89f295a90db24edb261e83eee41087f5650136d4f	elf	Meterpreter
2025-01-03 12:43:05	8eda77699f86b79b873127b642556f88e0ca7a84c5b45d6a98a6cd5a612ff24d	elf	GetShell
2025-01-03 12:43:05	561b89228b562c0a0b53b5848a179fac10ae0226706db82e8dd24226da199d94	elf	ConnectBack
2024-12-16 17:18:08	314ff804868ba165d60ca94b2cc6b161cc35f52cd1022b2e9533ea7dded93bd8	elf	Meterpreter
2024-12-16 17:18:08	c30fc17df989f401a1518088a58bef58c6e0ee7b91960452a547c87af9cda957	exe	CobaltStrike
2024-12-16 17:18:07	a908193949c9b3f45f3b409d4b28949014ae27e9bb1e962fd5e65ebbc97fb89e	exe	Metasploit
2024-12-16 17:18:06	563955d55235b615fcf6434cede40f00a358c3af25f2419c66152b674af9f338	unknown	Meterpreter