URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	54.79.28.10
Firstseen:	2022-11-23 09:15:04 UTC
Total malware sites :	4
Online malware sites :	0 (0%)
Offline Malware sites :	4 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-11-23 09:15:11	54.79.28.10	ec2-54-79-28-10.ap-southeast-2.compute.amazonaws.com	Not listed	AS16509 AMAZON-02	AU	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-11-25 08:05:06	http://54.79.28.10/000000_0000000_000000_000000...	Offline	doc opendir rat RemcosRAT	abuse_ch
2022-11-25 08:04:08	http://54.79.28.10/260/vbc.exe	Offline	exe opendir rat RemcosRAT	abuse_ch
2022-11-23 09:15:14	http://54.79.28.10/270/vbc.exe	Offline	RemcosRAT	Anonymous
2022-11-23 09:15:11	http://54.79.28.10/000000_0000000_000000_000000...	Offline		Anonymous

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-11-25 08:05:06	24f6f0cc2f1288a6559c4382aa8665a2884be807f6206f92aa2332ef28ffca2b	unknown
2022-11-25 08:04:08	7a5870c5e7f9253deca223afcbf295a99ad0cc014543b26e162e56ad2f22a36e	exe	RemcosRAT
2022-11-23 09:15:09	0cb9ffbc77206540a648b96e790d884f5662c114e831533e1eb31b63157e3953	exe	RemcosRAT
2022-11-23 09:15:05	4fa6fa88abee41384a1f11b2bb8ee81cb0468c2a3c9976b5d6998635301152b1	unknown