URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (when the malware URL is hosted directly on an IP address and doesn't use a domain name).

Database Entry


Host: 77.105.161.194
Firstseen: 2024-09-25 23:24:04 UTC
Total malware sites: 9
Online malware sites: 1 (11%)
Offline malware sites: 8 (89%)
Newest active malware site: 2024-10-04 20:15:28 UTC
Oldest active malware site: 2024-10-04 20:15:28 UTC (Age: 1 year, 1 month, 25 days, 11 hours, 6 minutes)

IP addresses


The table below shows all IP addresses observed for this particular host (if the host is a domain name, all A records are listed, including all historical ones). Please note that the output is limited to 10 entries.

Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active?
2024-09-25 23:24:05 | 77.105.161.194 | | Not listed | AS215428 shinomiya- | DE | yes

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC) | URL | Status | Tags | Reporter
2024-10-18 09:03:04 | http://77.105.161.194/pdf/CRYPTBASE.DLL | Offline | | abus3reports
2024-10-18 09:03:04 | http://77.105.161.194/file/cmd.exe | Offline | | abus3reports
2024-10-18 08:49:19 | http://77.105.161.194/file//carrier_ratecon.exe | Offline | exe LummaStealer | abus3reports
2024-10-15 19:21:16 | http://77.105.161.194/file/6706e721f2c06.exe | Offline | RemcosRAT ext stealers | abus3reports
2024-10-05 00:23:09 | http://77.105.161.194/file/1.exe | Offline | exe Vidar ext | DaveLikesMalwre
2024-10-04 20:15:08 | http://77.105.161.194/pdf/file.exe | Offline | RedLineStealer ext | Anonymous
2024-09-26 14:10:11 | http://77.105.161.194/file/orderconfirmation.exe | Offline | Lumma LummaStealer | Anonymous
2024-09-25 23:24:05 | http://77.105.161.194/file/Solara.exe | Offline | RedLine ext RedLineStealer ext | Anonymous

The table below shows recent payloads delivered by this host.
