URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: 91.218.113.78
Firstseen:2021-07-08 11:24:02 UTC
Total malware sites :8
Online malware sites :0 (0%)
Offline Malware sites :8 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2021-07-08 11:24:04 91.218.113.78Not listedAS50867 ORG-LVA15-AS- RUyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2021-07-26 14:36:04http://91.218.113.78/regasm/vbc.exeOfflineAgentTesla ext exe opendir abuse_ch
2021-07-22 15:32:05http://91.218.113.78/www/vbc.exeOfflineAgentTesla ext exe abuse_ch
2021-07-21 06:51:03http://91.218.113.78/dhs/vbc.exeOfflineexe opendir SnakeKeylogger ext abuse_ch
2021-07-20 11:32:07http://91.218.113.78/ftpp/vbc.exeOfflineAgentTesla ext exe abuse_ch
2021-07-14 14:45:05http://91.218.113.78/wtt/vbc.exeOfflineAgentTesla ext exe opendir abuse_ch
2021-07-13 04:55:04http://91.218.113.78/ppt/vbc.exeOffline32 AgentTesla ext exe zbetcheckin
2021-07-12 06:07:04http://91.218.113.78/win/vbc.exeOfflineAgentTesla ext JAMESWT_MHT
2021-07-08 11:24:04http://91.218.113.78/upnp/vbc.exeOfflineAgentTesla ext exe opendir abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2021-07-27 00:11:08bb8f297b69b83f67d611e5d0fd966efc9116a79598044c02e9a691a30fb7c07dexeAgentTesla
2021-07-26 14:36:04a7d774cedf27c9fe62ecd68b359cf5e51e70533e932a9827bbeadd074513ecefexeAgentTesla
2021-07-24 08:01:17d4be3ce81431208b9fd7abb34856c058fd899061e7090c6b4b97e199a45ef0f9exeAgentTesla
2021-07-22 19:03:226be313f575251971aece301752d757d6446df0a2b86c0831405cf62103650f81exeAgentTesla
2021-07-22 15:32:048bf2c9097f211f15879c233eacd3c5b6e767d768c5941765d986ab61ba877341exeAgentTesla
2021-07-21 06:51:03edf4be11c04f2228e6448b9e771f3f8969e8bfcbf914252064c8ee07629c5f4aexeSnakeKeylogger
2021-07-20 11:32:05dad6927feed34942c3b8cdd1cc08edcd2be01b492653da6157a8b2a25d176bccexeAgentTesla
2021-07-14 19:43:54c16b56274c65f209a4a7005b30bc15a4aac81c1eeed883c6a8c2bb8f64572d2dexeAgentTesla
2021-07-14 14:45:0555faab724133c2455e0f6d53a97693cc9b5058d3e0a05b34e0f4e7271e0f5412exeAgentTesla
2021-07-13 06:52:32a7707d7c6817f644a8ae8d9eb5ddb5640ecd1000e15a492aa10d770f75c7bfceexeAgentTesla
2021-07-13 06:47:0479b5e5fec04494b8b1f788e361cc6c9ad9c224ae4304d0af2b97f166cdfa02faexeAgentTesla
2021-07-13 04:55:04fab65de1f3e246271e811162c07c12a2e1199dc2c92dc0da16f1350f35934098exeAgentTesla
2021-07-12 06:07:046dd4eb63d802e2c7593626875d29217763914064bdd0d216b8ba84ad48bcc8e7exeAgentTesla
2021-07-10 18:41:48aba1f22de6fa9677c1b97b97ad9c68d3826fa1ca5eb076acf7b7769f0da1e3feexeAgentTesla
2021-07-08 11:24:03c39fd84e0270d73ab36293778bc8ff68ad5fa00d884e16731549f548ba5ce22aexeAgentTesla