URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 80.64.18.161
Firstseen:2025-05-08 05:10:03 UTC
Total malware sites :27
Online malware sites :0 (0%)
Offline Malware sites :27 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-05-08 05:10:04 80.64.18.161SBL678917AS211659 STIMUL-AS- RUyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2025-05-09 14:39:33http://80.64.18.161/files/5373782173/MzkjqY1.exeOfflinerustystealer abuse_ch
2025-05-09 14:39:33http://80.64.18.161/files/unique1/random.exeOfflineVidar ext abuse_ch
2025-05-09 14:39:33http://80.64.18.161/files/7620313063/MHaQmy9.exeOffline abuse_ch
2025-05-09 14:39:33http://80.64.18.161/files/8000373688/mdjiEXg.exeOfflineLummaStealer abuse_ch
2025-05-09 14:39:33http://80.64.18.161/files/7338649596/Rr7DaZp.exeOfflinerustystealer abuse_ch
2025-05-09 14:39:33http://80.64.18.161/files/6051142952/8QivM1I.exeOfflinerustystealer abuse_ch
2025-05-09 14:39:33http://80.64.18.161/files/5494432675/wqhx1rv.exeOfflineLummaStealer abuse_ch
2025-05-09 14:39:33http://80.64.18.161/files/5674938532/oh5iTrL.msiOfflineconnectwise abuse_ch
2025-05-08 05:10:34http://80.64.18.161/files/7740021827/0VbSWAs.exeOfflineconnectwise abuse_ch
2025-05-08 05:10:34http://80.64.18.161/files/unique2/random.exeOfflinegcleaner ext abuse_ch
2025-05-08 05:10:16http://80.64.18.161/files/295183573/z61mT1q.exeOfflineLummaStealer abuse_ch
2025-05-08 05:10:15http://80.64.18.161/files/5373782173/XcVdWjm.exeOfflinerustystealer abuse_ch
2025-05-08 05:10:11http://80.64.18.161/files/5964778733/fV8FBMo.exeOfflineLummaStealer abuse_ch
2025-05-08 05:10:11http://80.64.18.161/luma/random.exeOfflineLummaStealer abuse_ch
2025-05-08 05:10:11http://80.64.18.161/files/5561582465/XTgkQ8n.exeOfflineDarkVisionRAT abuse_ch
2025-05-08 05:10:11http://80.64.18.161/well/random.exeOffline abuse_ch
2025-05-08 05:10:11http://80.64.18.161/test/exe/random.exeOfflineAmadey abuse_ch
2025-05-08 05:10:11http://80.64.18.161/files/7662971591/n49Z3KI.exeOfflineLummaStealer abuse_ch
2025-05-08 05:10:10http://80.64.18.161/off/random.exeOffline abuse_ch
2025-05-08 05:10:10http://80.64.18.161/files/5494432675/Fnutdyb.exeOfflineLummaStealer abuse_ch
2025-05-08 05:10:10http://80.64.18.161/files/fate/random.exeOfflineLummaStealer abuse_ch
2025-05-08 05:10:09http://80.64.18.161/newdef/random.exeOffline abuse_ch
2025-05-08 05:10:09http://80.64.18.161/files/6336929412/Q1yLGzl.exeOfflineLummaStealer abuse_ch
2025-05-08 05:10:08http://80.64.18.161/files/7644806746/dmMNGNX.exeOfflineLummaStealer abuse_ch
2025-05-08 05:10:08http://80.64.18.161/testmine/random.exeOfflineAmadey abuse_ch
2025-05-08 05:10:04http://80.64.18.161/files/7662971591/5oUjBKx.exeOffline abuse_ch
2025-05-08 05:10:04http://80.64.18.161/files/7697770419/ULZiLty.batOffline abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2025-05-10 08:54:259e318e8fbdba0bc0f745c0d58ddd5799203dae43437fb3de470c7ead44ba6e49exeLummaStealer
2025-05-10 07:22:53b659b56bc895cacbafd9c713d032b617f5be8b92eb099257992b8c70ee8a9212exeRustyStealer
2025-05-10 07:19:5499eac79318763b16d9132d81a7d2692c98e2ab713290c71e6fc52f8af790c34bexeLummaStealer
2025-05-10 07:18:24cdfe71f5f359be56fc6fb2b5bfa6c34042cd2e6114a82fa0c3b147106e731d6aexeRustyStealer
2025-05-10 07:02:1817934a0f20115a17ff9b2e8b21e14714ea1248f97ca5f078b2d0138935f33bbfexeVidar
2025-05-10 06:53:27c3d9be0793c045f428f174a4d4f9f314d449a75bbb15dccd5756c84c137bac4bexe  
2025-05-10 06:48:10abe0a1e9f2953642121a891f303058e56f07dea1a45e0b13caa7b23dcf3fd394exeRustyStealer
2025-05-10 06:45:3246001edba07e9a540d8b14c660e83eac28a5da86aac610d40f2413a67fd8c766exe  
2025-05-10 06:37:173660bf77beaf76c1306ab7c5a9dd60c6fba7d30c6c9ac30c33cab87b6e568371msiConnectWise
2025-05-10 06:33:40e8014072a8b196b5a339f7be8e5828f15b422362a3a81203fdd54322bc0059a1exe CredentialFlusher
2025-05-09 04:44:1555fab6bb4cc34ba6d3155b1dfb3d06f10604334540d97587308d570056137540exe 
2025-05-09 04:42:2855fab6bb4cc34ba6d3155b1dfb3d06f10604334540d97587308d570056137540exe 
2025-05-09 04:33:4318161b498e4183808a2faf0730bcb842157b120dc7fd5e4971f201979a1b58cbexe 
2025-05-09 04:23:1226a081e571d00dbe5858e13a76676f372b6d22b44468793bff37a0a09fbef406exe CredentialFlusher
2025-05-09 03:43:2852c72951c10260de19b06711ae501040976b293a4d19723b978198838cf9de65exe CredentialFlusher
2025-05-09 02:38:50f56cbc37198bd3aec88ee4cbb15918000a8c96c3abb96468272bf4e730218537exe  
2025-05-09 02:37:23a20296afef14cc70aab5381accbb8965825a35c4c020479d9e8952a088fa73e4exe CredentialFlusher
2025-05-09 02:23:3559095cf8ac004f0a9a8125bba729bce92d6bad4b1dba84a9469ac5752b32984fexe 
2025-05-09 02:02:17dae14369784dab2d59505db3a2c7ba39d7add7eadbe249ae9a9cda14fb133afcexe 
2025-05-09 01:52:045fc95a116299507a7153bd8a1a58454f3ba6876185af3b7f4a95f939385111ebexe Amadey
2025-05-09 01:48:24c9890997e693ecb7c7f3dc2c2db0ca5696eeec5f52778d95e0f4c097d23644e9exeLummaStealer
2025-05-09 01:37:17854f25fb3a13524a07a45979ff56bb5514c9a1a4842c38973b98dd272ad3aa4dexe 
2025-05-09 01:14:48a2c7248c6c1997e975e8d560087292f9964d16b5d4f61f67ce2e31b8437ffe14exe CredentialFlusher
2025-05-09 01:10:02d5ad5cf6cd961f301edc253f09a5d948e3c851f44efec3b2bf2985c71096b155exe 
2025-05-09 00:22:3075ac9ae7e1586463fb664aa02d1bb631f045e168203df1daae684560b7bb0b45exe CredentialFlusher
2025-05-09 00:20:2775114b340583d9a9045380bd135307ac39148fb45b047f454de7c495cb67c561exeLummaStealer
2025-05-09 00:15:579298408e1090d2786659c1a039f305fee49b94fc47700e2124dc4113ebb49da3exeLummaStealer
2025-05-08 23:56:440ea9637636ace8a04d7e71a41f4f82234f92de074568bf87562ff9be176ef5e7exe 
2025-05-08 23:30:1842753ad5db231525aa7878fff2ca78297aa25260d5a1ef7c825855dbaceafbf1exe CredentialFlusher
2025-05-08 22:51:12203862e9f8e0e3d7540acf457651b35e3c4854ecb8065105aa5df8e9afd5e0feexe CredentialFlusher
2025-05-08 22:30:272d2f4353ecf16e6dc0d51f84cb33ff93540f1852383e27ed96078372a4fd1e6cexe 
2025-05-08 22:26:177122ecabf6fd78829ff5dd54133213a6e91a4ea5564219b48acc9af7adf749c8exeLummaStealer
2025-05-08 21:46:14fe446b009f1d4ea241ee3495df93e32c8a81bde6659addd6b6d6b77ae25c586fexe 
2025-05-08 21:29:36fe446b009f1d4ea241ee3495df93e32c8a81bde6659addd6b6d6b77ae25c586fexe 
2025-05-08 21:24:345f199638dcaa09b346b92146c4984fda000d5728ee53d8ece558b87a8e1544fcexe CredentialFlusher
2025-05-08 20:40:1356ee900a8dc4b83700f081d2cd55ab136684c017e1c0a4eecd1754599c6f46edexeLummaStealer
2025-05-08 19:50:5491025edf9aadd62073a422159a6c81b213cebed95b31fd86b70984a607bb108cexeLummaStealer
2025-05-08 19:25:2649e0d9e1a6a7c44b45070646f33e72d4a310cd84dd89876552f8f1e5f6d3bf5dexe CredentialFlusher
2025-05-08 19:24:21dfd1db6135ff70237a5412b19c11fb834977019d7f03ee8f18719a9a65b9b066exe 
2025-05-08 19:01:4698f683cb9070b1fe1c8956de214cfe1957f6f3a4ccfc0d2c30ea0168490461c8exe Amadey
2025-05-08 18:49:12b10e0e48bf3a23352b0fec032de8160a902680c73e49ff6fd4ebceb857b34916exeLummaStealer
2025-05-08 18:45:45e359697a5088c1f10c107d3cc552fa24efcbaf47d58badd3ecf30b83ac3eeb3eexe 
2025-05-08 18:28:37e359697a5088c1f10c107d3cc552fa24efcbaf47d58badd3ecf30b83ac3eeb3eexe 
2025-05-08 17:59:340decd6f31b53a145e5590f20075ade4f612229530bcb8131f355af90dcbefe26exeCredentialFlusher
2025-05-08 17:53:359221b2af0730a16a53affaa4c7fb22c4e291773f3a426f8fe4fcb4ece0d90172exe Amadey
2025-05-08 17:12:31286d788d2ab1e33fa5bdefd378b24fc19b2a051b71a1481e2014fbb810332424exe 
2025-05-08 16:46:00003424a48f1a0152aad387eff0652b0e7102c92931bab4c0d039667b9ccc0164exe 
2025-05-08 15:35:12194485f7d6216b6b62d7fc1435eb6656b35ce70b1ae10baff7f5fd534145bbcbexe 
2025-05-08 15:01:30ab3d416d7d12867198caefde2d1a097f976224b9fe481901117e135c534c6c00exe CredentialFlusher
2025-05-08 14:50:45eba7e507e00f71e75207c5e18c2a6feda50452686520a888f00742dcf574450bexeLummaStealer
2025-05-08 14:49:44fdca77b6436464c9c8a1996214f7c1703964474bc997a1ccb85760ecb91b69fbexe CredentialFlusher
2025-05-08 14:20:40ed093e30476964b9868c8e14b1a9032c24551397d35a4022bba1932781372b5bexe 
2025-05-08 13:47:359b416d495be3632084094ef0c50ef47009a1d63256859023038436c5bb3e5a99exeLummaStealer
2025-05-08 13:42:31f9102b7705a7acce71d5e702515f1f9a50dcd87856caa1247f255fff36d3a604exe CredentialFlusher
2025-05-08 12:34:08927db4706134f1ec875c68974b94c1ba796d7a90fc52ee1daac405af66a28bfaexe 
2025-05-08 12:06:448232a11066fe5a6f552302da37f9b4e42f313bbeaf51f86c61fbf84bd95b1ca9exeLummaStealer
2025-05-08 11:41:13927db4706134f1ec875c68974b94c1ba796d7a90fc52ee1daac405af66a28bfaexe 
2025-05-08 11:36:234968a8699cdabaa02a7113d17f648d2d6cfedbbb2c6bfc5cc7b645d10a58e7c8exe 
2025-05-08 10:39:5555093a1ad021f96f39d5219f5f1c44f0a8c59329da088f9a86c7321d67777d03exe CredentialFlusher
2025-05-08 09:51:29f5cd5f7913631bc9c5691cf4219c43799623025bdbceac5e6fa8277cea6dfa56exeLummaStealer
2025-05-08 09:51:055d1832bff714c3c6c0f5282ed888e7bdd5088957e961627f2ef5c382525eb8e6exe Amadey
2025-05-08 09:49:1264df972ac0b747632a03ececaa0c8823ee63857c3c1cbb51bf00781477468143exe 
2025-05-08 09:42:5772efe94303d7aa3926402540d41391129957f62267d6f3dab2afb68f9d8adc22exe CredentialFlusher
2025-05-08 09:12:500db1b0287477b2cd10015a99877384c3e155e0d67e7d75db108d9f4aa5feb3ceexeRasftuby
2025-05-08 09:00:43c28bdc6a23e081607d4e41ce926b652cbad558e6a2d5161dd75fd071cb205faeexe Amadey
2025-05-08 08:31:240db1b0287477b2cd10015a99877384c3e155e0d67e7d75db108d9f4aa5feb3ceexeRasftuby
2025-05-08 08:07:267765eb91dbe811cb2f34e7d23aa893091ca5d79ab4ee653c88ab605976bcd174exe 
2025-05-08 08:05:25c445a9b3220d8861c7ee8bf8f8ea88197ecc828deafe8b4520bc73c156c344e0exe CredentialFlusher
2025-05-08 07:03:46f8347b22c8243d10ef12343f69c9ff404c05060e89296215438a4dc5f326c9c0exe CredentialFlusher
2025-05-08 07:00:33820e40285429a78a439c4f2fd7b89e463adc156be8617bf49cf7712b698d2e41exeLummaStealer
2025-05-08 06:56:134a0079f58be04e4f3bbf5ba271cde8e6629d2d8c0a99760bf2d6e06fc94fe146exe CredentialFlusher
2025-05-08 06:55:52a19e224ea94067509bb9723c684cc7d9b63dbbb892e62d0d64480dff20cf2162exeGCleaner
2025-05-08 06:54:01abe0a1e9f2953642121a891f303058e56f07dea1a45e0b13caa7b23dcf3fd394exeRustyStealer
2025-05-08 06:34:520460e41d34577ba15508183aa4707b3a5904fded84e8a287a2dd9ed5ea641cf1exe  
2025-05-08 06:04:02be6d79a5aa6d5f5d5c0bf12acf9052c3ee7657399c019da250fc860c0ccef911exe ConnectWise
2025-05-08 05:10:1660bc96bd8c684e5d6ff85364f7403fb56ef72fa93668ea2591635177664820e7exeLummaStealer
2025-05-08 05:10:159d4fe788dfdfe7f9bc6ae255e5a8492f29acc65a18fbc8513c63b69f6c23aafbexeRustyStealer
2025-05-08 05:10:119f7fd12613de50dc9bd9416cf2580dadc1baa699277e056149853fcebc012672exeLummaStealer
2025-05-08 05:10:116fcef8d6cb6ad5a251eaabfad55a75769d77380e6f930853c6abb2ce529ec7d0exeLummaStealer
2025-05-08 05:10:113cae189ec3eb7f888f619d77e1d1aa3622772284187392cc9bdb3a3991502e04exeDarkVisionRAT
2025-05-08 05:10:10dd47ce6b08c9640a94e4f48ee1fe2fb08519cc15c3404dd80c211f5618782785exe  
2025-05-08 05:10:1012ebaa4c5b16c69430c434be47a410abd958bd625c10b4c977e003dbc0ccb7c4exe CredentialFlusher
2025-05-08 05:10:1048d2a3bfbe07c2346476f347d88bc3c205c2f552967c1a798515fa39836c4425exe Amadey
2025-05-08 05:10:1045f4eab50d96810f5e3046d61721127d9b9d1aa35be5b8a8d468b9b4935e70bbexeLummaStealer
2025-05-08 05:10:108d30a02b63faa25db2310612bebdd8db66dcda85f676ca016e1c21fc4167af61exeLummaStealer
2025-05-08 05:10:1028d8ba77930a7fdb5d6f7fd77b7f3d9be8a638976f563598e247fbec54574809exeLummaStealer
2025-05-08 05:10:09dd47ce6b08c9640a94e4f48ee1fe2fb08519cc15c3404dd80c211f5618782785exe  
2025-05-08 05:10:099191d81ea0daf2f424942711cf50a9ffd5f90cddba7405a986be2859c9be7ef8exeLummaStealer
2025-05-08 05:10:08e29a3db17025e34336b10d36e5dd59ff5d1ac07ada8df0cddba0d3f3db689f65exeAmadey
2025-05-08 05:10:0824c3da17858990968092cfc6f29b4030c575bff361a25bd8bc618b8e04e19f43exeLummaStealer