URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	91.243.44.5
Firstseen:	2021-08-05 20:46:03 UTC
Total malware sites :	4
Online malware sites :	0 (0%)
Offline Malware sites :	4 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-08-05 20:46:05	91.243.44.5		Not listed	AS34665 PINDC-AS	RU	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-09-01 20:29:03	http://91.243.44.5/kdiufiefd.exe	Offline	32 exe RemcosRAT	zbetcheckin
2021-08-31 09:00:04	http://91.243.44.5/4rwuwraphnetm0d.exe	Offline	32 exe RemcosRAT	zbetcheckin
2021-08-05 20:59:04	http://91.243.44.5/kill$.exe	Offline	exe	zbetcheckin
2021-08-05 20:46:05	http://91.243.44.5/plot-114.exe	Offline	32 exe RemcosRAT	zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-09-07 13:57:05	e4cf8390df0db1d1e0d703427544992d5e4622f44986350e5143ffdac25af20d	exe
2021-09-01 20:29:03	eac230dd8a6ed40c405caf5e79b60cc7a4e96435873a2b28658c24bdf3550b42	exe	RemcosRAT
2021-08-31 09:00:04	119a4cafa5ace556b3661020f73e29c3109057d97ba8e8ed60eb93f99fa9161e	exe	RemcosRAT
2021-08-05 20:59:04	225aee453b9568adc4ebb27ce98fd80feabf144356196aa1139f08f4fe10eadc	exe
2021-08-05 20:46:04	109a5ffb53cd3311e68c5a28f84fd1d7eb668de3db43a35c344f83785187f915	exe	RemcosRAT