URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 62.204.41.104 |
|---|---|
| Firstseen: | 2023-01-09 14:01:04 UTC |
| Total malware sites : | 5 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 5 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2025-02-03 06:28:34 | http://62.204.41.104/7gjD0Vs3d/Plugins/cred.dll | Offline | Amadey |  lontze7 |
| 2024-02-21 11:20:12 | http://62.204.41.104:9090/beacon.exe | Offline | beacon CobaltStrike  |  fbone3 |
| 2024-02-21 11:20:11 | http://62.204.41.104:9090/oci.dll | Offline | beacon CobaltStrike | fbone3 |
| 2023-01-09 14:01:11 | http://62.204.41.104/7gjD0Vs3d/Plugins/clip64.dll | Offline | Amadey dll |  abuse_ch |
| 2023-01-09 14:01:11 | http://62.204.41.104/7gjD0Vs3d/Plugins/cred64.dll | Offline | Amadey dll | abuse_ch |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2024-02-21 11:20:12 | d4c42f794660fc88a72901227f235bd0842f876af1d709c3a02fca4a13eb3364 | exe | CobaltStrike | |
| 2024-02-21 11:20:11 | 9dae5302014858f60fd323bb7a393d00454802a8ae25fa2611688f95f31ec636 | dll | ||
| 2023-01-09 14:01:06 | 6e4f0b64126f6cdf3740ab23575e0a5e24b455f31d53f1044151f7403733ea7d | dll | Amadey | |
| 2023-01-09 14:01:05 | 4f93661b0a49bfe8ec12bac2a5df902fe57b2621f6dd7a59ccfca62b3ebf4a89 | dll | Amadey |