URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	66.228.37.7
Firstseen:	2023-03-23 05:52:03 UTC
Total malware sites :	14
Online malware sites :	0 (0%)
Offline Malware sites :	14 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-03-23 05:52:09	66.228.37.7	li287-7.members.linode.com	Not listed	AS63949 AKAMAI-LINODE-AP	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-03-23 19:28:03	http://66.228.37.7/ncat/writer.bat	Offline	ascii bat opendir	abuse_ch
2023-03-23 05:53:06	http://66.228.37.7/jTAGz-Loader.bat	Offline	ascii bat opendir	abuse_ch
2023-03-23 05:52:36	http://66.228.37.7/MS-Netware.exe	Offline	exe opendir	abuse_ch
2023-03-23 05:52:14	http://66.228.37.7/creal.exe	Offline	CrealStealer exe opendir	abuse_ch
2023-03-23 05:52:10	http://66.228.37.7/A1.exe	Offline	exe opendir	abuse_ch
2023-03-23 05:52:09	http://66.228.37.7/BypassUAC.exe	Offline	exe opendir	abuse_ch
2023-03-23 05:52:09	http://66.228.37.7/NetSySCLI.exe	Offline	exe Metasploit opendir	abuse_ch
2023-03-23 05:52:09	http://66.228.37.7/bar2.js	Offline	ascii js opendir	abuse_ch
2023-03-23 05:52:09	http://66.228.37.7/bar.js	Offline	ascii js opendir	abuse_ch
2023-03-23 05:52:09	http://66.228.37.7/Tism.bat	Offline	ascii bat opendir	abuse_ch
2023-03-23 05:52:09	http://66.228.37.7/NRATNew.exe	Offline	exe opendir	abuse_ch
2023-03-23 05:52:09	http://66.228.37.7/nettaskcipher.exe	Offline	exe Formbook opendir	abuse_ch
2023-03-23 05:52:09	http://66.228.37.7/ConPtyShell.exe	Offline	exe opendir	abuse_ch
2023-03-23 05:52:09	http://66.228.37.7/cipher.exe	Offline	exe Formbook opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2023-07-11 09:04:08	92396e17737d5ed86a78ca294e773adad29e9a369817d05ae8444fe8ddb81fdf	unknown
2023-03-23 19:28:03	642261ea81f01257944208fd7581532fad55c3133ca418ceb7b8c17fc7002ad6	unknown
2023-03-23 05:53:06	0e5c29e5f59ea85efc24ec48be934fb27f9b4502e40a4a8e66f835c259bf4d7b	unknown
2023-03-23 05:52:36	90819a9d0cd127e21baedf4e78612cf82c13051fcc26e1af1dd3a2d196eb1fb5	exe
2023-03-23 05:52:08	7dd0f281b3da915e99690900150c0af179d057ca09e36bc33ef699d497e680aa	exe	CrealStealer
2023-03-23 05:52:04	4b4c5bb719c694d00ae228c4ed3a86d97b848ef231f80aff9a5a3facdf579643	exe
2023-03-23 05:52:04	c3fd44421f0c143c5903d2000a44840393e75e85e2f839c5a4c6b368e398d509	exe	Metasploit
2023-03-23 05:52:04	3efee23e062979685c1efb87ef9c739630c4da1e7a7ad22e8c45da66ad0f4b3c	exe	EagleRAT
2023-03-23 05:52:04	415368c42994976a96d870c801364a58a56ace26be19dab123bb0c45f788c105	exe	Formbook
2023-03-23 05:52:04	e8734f6ab6ba0ad51c2a517b8e03b57819a3cce7e6016374917b9fefe3fd3ec1	exe
2023-03-23 05:52:04	b0e033889328ade7951390d7cf8f4e5558a12aed2d5042596e9f76d3286f5de5	exe	Formbook
2023-03-23 05:52:04	21d213c4a54955d404e6a82297217a66bf52cead08e73c5411637b8daf70fd73	exe