URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	45.61.136.185
Firstseen:	2024-07-30 05:20:05 UTC
Total malware sites :	18
Online malware sites :	0 (0%)
Offline Malware sites :	18 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2024-07-30 05:20:07	45.61.136.185		Not listed	AS399629 BLNWX	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-07-30 07:38:09	http://45.61.136.185/modules/qqgeqg.exe	Offline	32 AsyncRAT exe	zbetcheckin
2024-07-30 05:26:08	http://45.61.136.185/modules/q5.exe	Offline	32 exe QuasarRAT	zbetcheckin
2024-07-30 05:26:08	http://45.61.136.185/modules/explorer.exe	Offline	32 exe QuasarRAT	zbetcheckin
2024-07-30 05:21:37	http://45.61.136.185/modules/PE.exe	Offline	32 exe RedLineStealer	zbetcheckin
2024-07-30 05:21:09	http://45.61.136.185/modules/q777.exe	Offline	32 exe QuasarRAT	zbetcheckin
2024-07-30 05:21:08	http://45.61.136.185/modules/aL1MbjjfYd8gB5s41u...	Offline	32 exe LummaStealer	zbetcheckin
2024-07-30 05:21:07	http://45.61.136.185/modules/Clear.exe	Offline	32 exe LummaStealer	zbetcheckin
2024-07-30 05:21:07	http://45.61.136.185/modules/exe.exe	Offline	32 exe RedLineStealer	zbetcheckin
2024-07-30 05:21:07	http://45.61.136.185/modules/qqeg3435.exe	Offline	32 exe LummaStealer	zbetcheckin
2024-07-30 05:21:06	http://45.61.136.185/modules/999.exe	Offline	32 exe LummaStealer	zbetcheckin
2024-07-30 05:21:06	http://45.61.136.185/modules/qq35435.exe	Offline	32 exe povertystealer	zbetcheckin
2024-07-30 05:20:08	http://45.61.136.185/modules/qegqegqg.exe	Offline	32 exe LummaStealer	zbetcheckin
2024-07-30 05:20:08	http://45.61.136.185/modules/qeg3.exe	Offline	32 exe LummaStealer	zbetcheckin
2024-07-30 05:20:08	http://45.61.136.185/modules/qe53.exe	Offline	32 exe LummaStealer	zbetcheckin
2024-07-30 05:20:08	http://45.61.136.185/modules/proof.exe	Offline	32 exe LummaStealer	zbetcheckin
2024-07-30 05:20:08	http://45.61.136.185/modules/qqg335.exe	Offline	32 exe LummaStealer	zbetcheckin
2024-07-30 05:20:07	http://45.61.136.185/modules/qq2.exe	Offline	32 exe	zbetcheckin
2024-07-30 05:20:07	http://45.61.136.185/modules/qqeg535.exe	Offline	32 exe povertystealer	zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2024-07-30 07:38:09	068e03599b7f71f00c5ee9ee6b8d574cb722fa9b9302ef094cb8b99e94ea8ca1	exe	AsyncRAT
2024-07-30 05:26:08	3f94a886d4917d5cba86e9b604d001e649cc048286376c4cff495658d68b117a	exe	QuasarRAT
2024-07-30 05:26:07	937fe826cc243be1821fd2769e0aadf5ad0038cdf64768cce924b389b07b5107	exe	QuasarRAT
2024-07-30 05:21:37	79878fd342d8dd0a0d35bb62682a2b60092c9558eb070f128500aa42e4283ae1	exe	RedLineStealer
2024-07-30 05:21:08	b470f926ae2852f47bd5781027dd3f1d2e47fc077a0a82b1ad24a73d75c327b0	exe	QuasarRAT
2024-07-30 05:21:08	dea677961aed1c5722845681df01b89d6f939f88f660a3eadcebbf4196ccc068	exe	LummaStealer
2024-07-30 05:21:07	add5aab0710186b6f86db6c1fd7d9156d5d9bbe4b92633770baee2b1ac915a35	exe	LummaStealer
2024-07-30 05:21:07	0f701ed8416c47393dee28072395046f1a05f6871e736a09ba41d7836a107cdb	exe	RedLineStealer
2024-07-30 05:21:07	14fc2afb7e213b4af506b36ae1f7c9045df88781167fe31b04b4c1174d123ba2	exe	LummaStealer
2024-07-30 05:21:06	d6ed2b6a36a4df6ca45c6a3843adb8f096e889541cbdf13c842ea6807ff49149	exe	LummaStealer
2024-07-30 05:21:06	bc4a818268862ec3af1e56dd94c9958e18bde15be09e9412a802903c3ff6dacd	exe	PovertyStealer
2024-07-30 05:20:08	14fc2afb7e213b4af506b36ae1f7c9045df88781167fe31b04b4c1174d123ba2	exe	LummaStealer
2024-07-30 05:20:08	b0262e639ed5c69a3cff96e2820827a7fd77ec70185c19715263397eee1391bf	exe	LummaStealer
2024-07-30 05:20:08	e021f7185c57f66bb08f40e3f490faa19428f0aaed5b69ab7237837b7d981482	exe	LummaStealer
2024-07-30 05:20:08	c4d62081dbcc320777093e533e42404ba94c032fcec73044b18aa07507ec78ab	exe	LummaStealer
2024-07-30 05:20:08	8277d19c9a6a045a7b1fdf73ad4efacde8acf1492f94a1e78e47a4f42e0339c7	exe	LummaStealer
2024-07-30 05:20:07	be4ed9165bf60e21e79840bc6471fd8fed22a25808b976c4867c6068b63ab52c	exe
2024-07-30 05:20:07	bc3d71c158c5ed330e165afc86a770af4710fffc44e7507d70d72ae69b2b82c0	exe	PovertyStealer