URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	77.91.70.80
Firstseen:	2023-11-03 23:25:05 UTC
Total malware sites :	5
Online malware sites :	0 (0%)
Offline Malware sites :	5 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-11-03 23:25:07	77.91.70.80		SBL655167	AS211522 HYPERCORELTD	FI	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-11-04 04:34:07	http://77.91.70.80/amer.exe	Offline	64 exe zgRAT	zbetcheckin
2023-11-04 03:57:04	http://77.91.70.80/Lncijzzbob.exe	Offline	32 Amadey exe	zbetcheckin
2023-11-04 03:03:10	http://77.91.70.80/LaunchPatch.exe	Offline	64 CoinMiner exe	zbetcheckin
2023-11-03 23:34:07	http://77.91.70.80/Wpqcpff.exe	Offline	32 exe zgRAT	zbetcheckin
2023-11-03 23:25:07	http://77.91.70.80/anb.exe	Offline	32 Amadey exe	zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2023-11-04 04:34:07	87e8d20c870fe87533ab89f6cdbaeaab2efc2151884cda3d3a3f72080765055d	exe	zgRAT
2023-11-04 03:57:04	cb17971c69696d81a364f55879b02caae2bd0135d0d1d6bfba48868f7a2f1d30	exe	Amadey
2023-11-04 03:03:10	14ed823d0f5b4a6074fd3e70646505cda2918d403a6b2fd9e5b0705f933e5f08	exe	CoinMiner
2023-11-03 23:34:07	c1bd141a8c2a27b5c7318229556282a4259a9caba1b3768ec58a83dc2d7afdca	exe	zgRAT
2023-11-03 23:25:07	9da10d7b75c589f06f1758ed8e3c0335b9a738d0ad1317c48e380bca768bdddf	exe	Amadey