URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: 52.58.97.51
Firstseen: 2021-09-15 11:41:02 UTC
Total malware sites: 19
Online malware sites: 0 (0%)
Offline malware sites: 19 (100%)

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2021-09-15 11:41:03 | 52.58.97.51 | ec2-52-58-97-51.eu-central-1.compute.amazonaws.com | Not listed | AS16509 AMAZON-02 | DE | yes |

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2021-09-24 13:03:03 | http://52.58.97.51/T67/F2/PPT_65084100000135.exe | Offline | RedLineStealer ext | Anonymous |
| 2021-09-23 12:50:04 | http://52.58.97.51/T67/F2/Product_Specification... | Offline | a310Logger ext exe opendir | abuse_ch |
| 2021-09-23 12:50:04 | http://52.58.97.51/T67/F2/Proof%20Of%20Payment.exe | Offline | exe NetWire ext opendir | abuse_ch |
| 2021-09-23 12:50:04 | http://52.58.97.51/T67/F2/706012088801.exe | Offline | a310Logger ext exe opendir | abuse_ch |
| 2021-09-23 12:50:04 | http://52.58.97.51/T67/F2/BRL_2451020032016.exe | Offline | a310Logger ext exe opendir | abuse_ch |
| 2021-09-23 12:49:03 | http://52.58.97.51/T67/F2/Product_Specification... | Offline | exe Formbook ext opendir | abuse_ch |
| 2021-09-21 20:44:04 | http://52.58.97.51/T6/F/jj10-crypt.exe | Offline | 32 AgentTesla ext exe | zbetcheckin |
| 2021-09-21 20:39:03 | http://52.58.97.51/4r/u/product_specifications_... | Offline | 32 exe Formbook ext | zbetcheckin |
| 2021-09-21 20:39:03 | http://52.58.97.51/4r/u/enquiry_3013577701209pp... | Offline | 32 a310Logger ext exe | zbetcheckin |
| 2021-09-21 20:39:03 | http://52.58.97.51/4r/u/new_requests_5022058.exe | Offline | 32 a310Logger ext exe | zbetcheckin |
| 2021-09-21 20:34:03 | http://52.58.97.51/4r/u/product_specifications_... | Offline | 32 a310Logger ext exe | zbetcheckin |
| 2021-09-21 20:34:03 | http://52.58.97.51/4r/u/product_specifications_... | Offline | 32 exe Formbook ext | zbetcheckin |
| 2021-09-21 19:24:03 | http://52.58.97.51/T6/F/remit.exe | Offline | opendir remcos ext RemcosRAT ext | AndreGironda |
| 2021-09-16 04:47:04 | http://52.58.97.51/i3/U/Enquiry_101352001209png... | Offline | 32 a310Logger ext exe | zbetcheckin |
| 2021-09-16 01:23:03 | http://52.58.97.51/i3/u/enquiry_00207301020785p... | Offline | 32 a310Logger ext exe | zbetcheckin |
| 2021-09-16 01:23:03 | http://52.58.97.51/i3/u/remcoss.exe | Offline | 32 exe RemcosRAT ext | zbetcheckin |
| 2021-09-15 22:04:03 | http://52.58.97.51/i3/u/enquiry_6307300022png.exe | Offline | 32 exe | zbetcheckin |
| 2021-09-15 18:11:04 | http://52.58.97.51/i3/U/bin-cryp.exe | Offline | 32 exe Formbook ext | zbetcheckin |
| 2021-09-15 11:41:03 | http://52.58.97.51/i3/U/Enquiry_633772886png.exe | Offline | exe | ffforward |

The table below shows recent payloads delivered by this host.
