URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	85.31.46.80
Firstseen:	2022-10-06 11:43:03 UTC
Total malware sites :	4
Online malware sites :	0 (0%)
Offline Malware sites :	4 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-10-06 11:43:04	85.31.46.80		Not listed	AS214238 iwihost	BG	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-10-08 04:56:04	http://85.31.46.80/HHB.exe	Offline	32 exe RemcosRAT	zbetcheckin
2022-10-08 04:55:05	http://85.31.46.80/BBG.exe	Offline	32 exe RemcosRAT	zbetcheckin
2022-10-08 04:38:04	http://85.31.46.80/UUF.exe	Offline	32 exe RemcosRAT	zbetcheckin
2022-10-06 11:43:04	http://85.31.46.80/JJB.exe	Offline	AgentTesla exe	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-11-02 05:16:47	a3b8a159d182e81c5305b72d1296f2973318cfa845de0fe3e5c0905cd9ca0868	exe	RemcosRAT
2022-10-08 04:56:04	3462127ba6b90b84e7d22a649863fef52cc1835604f0fb21a6b3e3f3a7694d92	exe	RemcosRAT
2022-10-08 04:55:05	e97271a5289884718f3cbbf41ff1bff024a160e9c92d75e611141aa1b9c26094	exe	RemcosRAT
2022-10-08 04:38:04	35da234a25a8e05a748bdb3d0e9cad042a3cac0b138d5e9d05fefe8ed62bed32	exe	RemcosRAT
2022-10-06 11:43:04	19f8b064a56047ee56ac2ba3d265f83b1b50aa18a228f67de9f0df0afa324c51	exe	AgentTesla