URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | 62.204.41.252 |
|---|---|
| Firstseen: | 2022-11-28 20:41:03 UTC |
| Total malware sites : | 3 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 3 (100%) |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2022-12-03 14:20:05 | http://62.204.41.252/newlege.exe | Offline | dropped-by-amadey RedLineStealer  |  viql |
| 2022-11-29 00:16:05 | http://62.204.41.252/nB8cWack3/Plugins/cred64.dll | Offline | 32 Amadey exe |  zbetcheckin |
| 2022-11-28 20:41:10 | http://62.204.41.252/Legend.exe | Offline | exe RedLineStealer |  jstrosch |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2022-12-03 14:20:05 | be91543d87f31d5bab7129c8bc63646ccc7c6aacabfa527ef4642a386145334c | exe | RedLineStealer | |
| 2022-11-29 00:16:05 | fea6ecd2a63044cc6be256142021fc91564c2ae1705620efc2fe6a3f4e265689 | dll | Amadey | |
| 2022-11-28 20:41:04 | 93fa1f55b57510de437b7cd4edd12a59122ab2e9463c866ad6558c470de0950e | exe | RedLineStealer |