URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	77.73.69.137
Firstseen:	2020-05-09 06:24:02 UTC
Total malware sites :	5
Online malware sites :	0 (0%)
Offline Malware sites :	5 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2020-05-09 06:24:07	77.73.69.137		Not listed	AS43317 VEESP-AS	RU	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-05-10 07:53:03	http://77.73.69.137/edsd/nkbin01h.h3d.exe	Offline	opendir rat RemcosRAT	abuse_ch
2020-05-09 15:31:07	http://77.73.69.137/edsd/testingmic.exe	Offline	AveMariaRAT exe	zbetcheckin
2020-05-09 06:24:15	http://77.73.69.137/edsd/confirm%20invoice.exe	Offline	AveMariaRAT exe opendir	abuse_ch
2020-05-09 06:24:10	http://77.73.69.137/edsd/agent2.exe	Offline	exe opendir RemcosRAT	abuse_ch
2020-05-09 06:24:07	http://77.73.69.137/edsd/Fksamai.exe	Offline	AveMariaRAT exe opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-05-10 07:53:03	ec639f932f7e3c075d735973cd493fe7a895bf660b4aff4fc4c97af08baf64b8	exe	RemcosRAT
2020-05-09 15:31:06	a445a5bc6990861c07657cc70e85253ff73cd88e6d7f040e00fb03ffbce5764b	exe	AveMariaRAT
2020-05-09 06:24:15	4b13bb36220d46ab9fa89c4163c8ec571fe0c113af00773d0968fa51c4056bbd	exe	AveMariaRAT
2020-05-09 06:24:10	8df9bddf123ffa3fa0f312d56bedde096310a02676e2b023530d8cd6856caa37	exe	RemcosRAT
2020-05-09 06:24:05	e43d34170181b3e9b5baf550d70b27fdbcfcc8e974694352d77e5e52e8866a2d	exe	AveMariaRAT