URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	91.92.243.32
Firstseen:	2024-07-08 07:11:06 UTC
Total malware sites :	69
Online malware sites :	0 (0%)
Offline Malware sites :	69 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2024-07-08 07:11:14	91.92.243.32		SBL686267	AS214943 RAILNET	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-07-09 19:10:19	http://91.92.243.32/kvro/venture49.png	Offline	zip	NDA0E
2024-07-09 19:10:19	http://91.92.243.32/kvro/Dadmut.exe	Offline	exe PureLogStealer	NDA0E
2024-07-09 19:10:19	http://91.92.243.32/kvro/Dlbzqv.exe	Offline	exe PureLogStealer	NDA0E
2024-07-09 19:10:19	http://91.92.243.32/rkei/Erlnb.exe	Offline	exe	NDA0E
2024-07-09 19:10:19	http://91.92.243.32/kvro/venture01.png	Offline	zip	NDA0E
2024-07-09 19:10:19	http://91.92.243.32/kvro/venture37.png	Offline	zip	NDA0E
2024-07-09 19:10:19	http://91.92.243.32/kvro/kdosmaul.hta	Offline	hta	NDA0E
2024-07-09 19:10:19	http://91.92.243.32/kvro/venture32.png	Offline	zip	NDA0E
2024-07-09 19:10:18	http://91.92.243.32/kvro/venture23.png	Offline	zip	NDA0E
2024-07-09 19:10:18	http://91.92.243.32/kvro/venture50.png	Offline	zip	NDA0E
2024-07-09 19:10:18	http://91.92.243.32/kvro/venture60.png	Offline	zip	NDA0E
2024-07-09 19:10:18	http://91.92.243.32/kvro/venture221.png	Offline	zip	NDA0E
2024-07-09 19:10:18	http://91.92.243.32/kvro/venture57.png	Offline	zip	NDA0E
2024-07-09 19:10:18	http://91.92.243.32/kvro/venture169.png	Offline	zip	NDA0E
2024-07-09 19:10:18	http://91.92.243.32/kvro/venture293.png	Offline	zip	NDA0E
2024-07-09 19:10:18	http://91.92.243.32/kvro/Fmzsa.exe	Offline	exe PureLogStealer	NDA0E
2024-07-09 19:10:18	http://91.92.243.32/kvro/impalsvaju.png	Offline	zip	NDA0E
2024-07-09 19:10:17	http://91.92.243.32/kvro/venture246.png	Offline	zip	NDA0E
2024-07-09 19:10:17	http://91.92.243.32/kvro/venture31.png	Offline	zip	NDA0E
2024-07-09 19:10:17	http://91.92.243.32/rkei/Stien.exe	Offline	exe PureLogStealer	NDA0E
2024-07-09 19:10:17	http://91.92.243.32/kvro/venture28.png	Offline	zip	NDA0E
2024-07-09 19:10:17	http://91.92.243.32/kvro/venture19.png	Offline	zip	NDA0E
2024-07-09 19:10:17	http://91.92.243.32/kvro/venture120.png	Offline	zip	NDA0E
2024-07-09 19:10:16	http://91.92.243.32/kvro/venture24.png	Offline	zip	NDA0E
2024-07-09 19:10:16	http://91.92.243.32/kvro/venture08.png	Offline	zip	NDA0E
2024-07-09 19:10:16	http://91.92.243.32/kvro/venture220.png	Offline	zip	NDA0E
2024-07-09 19:10:16	http://91.92.243.32/kvro/venture36.png	Offline	zip	NDA0E
2024-07-09 19:10:16	http://91.92.243.32/kvro/venture176.png	Offline	zip	NDA0E
2024-07-09 19:10:16	http://91.92.243.32/kvro/venture251.png	Offline	zip	NDA0E
2024-07-09 19:10:16	http://91.92.243.32/kvro/skmvlcamz.png	Offline	zip	NDA0E
2024-07-09 19:10:16	http://91.92.243.32/rkei/Xwemz.exe	Offline	exe PureLogStealer	NDA0E
2024-07-09 19:10:15	http://91.92.243.32/kvro/venture61.png	Offline	zip	NDA0E
2024-07-09 19:10:15	http://91.92.243.32/kvro/venture18.png	Offline	zip	NDA0E
2024-07-09 19:10:15	http://91.92.243.32/kvro/venture170.png	Offline	zip	NDA0E
2024-07-09 19:10:15	http://91.92.243.32/kvro/venture33.png	Offline	zip	NDA0E
2024-07-09 19:10:14	http://91.92.243.32/kvro/Stien.exe	Offline	exe PureLogStealer	NDA0E
2024-07-09 19:10:14	http://91.92.243.32/kvro/venture261.png	Offline	zip	NDA0E
2024-07-09 19:10:14	http://91.92.243.32/kvro/venture241.png	Offline	zip	NDA0E
2024-07-09 19:10:14	http://91.92.243.32/kvro/venture222.png	Offline	zip	NDA0E
2024-07-09 19:10:14	http://91.92.243.32/kvro/venture07.png	Offline	zip	NDA0E
2024-07-09 19:10:14	http://91.92.243.32/kvro/venture20.png	Offline	zip	NDA0E
2024-07-09 19:10:14	http://91.92.243.32/kvro/venture77.png	Offline	zip	NDA0E
2024-07-09 19:10:14	http://91.92.243.32/kvro/venture70.png	Offline	zip	NDA0E
2024-07-09 19:10:14	http://91.92.243.32/kvro/venture17.png	Offline	zip	NDA0E
2024-07-09 19:10:13	http://91.92.243.32/kvro/svkdmal.png	Offline	zip	NDA0E
2024-07-09 19:10:13	http://91.92.243.32/kvro/venture240.png	Offline	zip	NDA0E
2024-07-09 19:10:13	http://91.92.243.32/kvro/venture39.png	Offline	zip	NDA0E
2024-07-09 19:10:13	http://91.92.243.32/kvro/venture76.png	Offline	zip	NDA0E
2024-07-09 19:10:13	http://91.92.243.32/kvro/venture75.png	Offline	zip	NDA0E
2024-07-09 19:10:13	http://91.92.243.32/kvro/djfaumon.hta	Offline	hta	NDA0E
2024-07-09 19:10:13	http://91.92.243.32/kvro/Layout.exe	Offline	exe	NDA0E
2024-07-09 19:10:13	http://91.92.243.32/rkei/Layout.exe	Offline	exe	NDA0E
2024-07-09 19:10:12	http://91.92.243.32/kvro/venture243.png	Offline	zip	NDA0E
2024-07-09 19:10:12	http://91.92.243.32/rkei/vorthauay.hta	Offline	hta	NDA0E
2024-07-09 19:10:12	http://91.92.243.32/kvro/venture43.png	Offline	zip	NDA0E
2024-07-09 19:10:12	http://91.92.243.32/kvro/venture03.png	Offline	zip	NDA0E
2024-07-09 19:10:12	http://91.92.243.32/kvro/venture26.png	Offline	zip	NDA0E
2024-07-09 19:10:12	http://91.92.243.32/kvro/venture53.png	Offline	zip	NDA0E
2024-07-08 07:27:10	http://91.92.243.32/kvro/997.txt	Offline	ascii	NDA0E
2024-07-08 07:27:10	http://91.92.243.32/rkei/1085.txt	Offline	ascii	NDA0E
2024-07-08 07:27:10	http://91.92.243.32/rkei/1068.txt	Offline	ascii	NDA0E
2024-07-08 07:27:10	http://91.92.243.32/rkei/Uialn.exe	Offline	exe PureLogStealer	NDA0E
2024-07-08 07:27:10	http://91.92.243.32/kvro/589.txt	Offline	ascii	NDA0E
2024-07-08 07:27:10	http://91.92.243.32/kvro/Erlnb.exe	Offline	clipbanker exe	NDA0E
2024-07-08 07:27:09	http://91.92.243.32/kvro/xplayd.hta	Offline	CobaltStrike hta	NDA0E
2024-07-08 07:27:09	http://91.92.243.32/kvro/venture45.png	Offline	PureLogStealer zip	NDA0E
2024-07-08 07:27:09	http://91.92.243.32/kvro/Alingme.exe	Offline	exe PureLogStealer	NDA0E
2024-07-08 07:11:15	http://91.92.243.32/kvro/1284.txt	Offline	ascii	NDA0E
2024-07-08 07:11:14	http://91.92.243.32/kvro/Atte.exe	Offline	andromeda exe	NDA0E

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2024-07-09 19:10:19	2fdee3b063ef591980c5cfcda40f87eaccb96110bf3b86b30b4b6051afe6c93a	zip
2024-07-09 19:10:19	1702d2196b87c01e039ae71e17bced2113a2f99a72fb6d8dcee219dfc598adfc	exe	PureLogStealer
2024-07-09 19:10:19	37d645383ac6c20846f2342aec1bd6e2e6a5a871c0b47a71e1c6d1f893c90543	exe	PureLogStealer
2024-07-09 19:10:19	0b91154f7907ff59359c2f923b2ea91970b8a2899259c4a7713056cee656453c	exe
2024-07-09 19:10:19	39d2d624acb381ab2f1d0a63031c5d7d412c721f55081fa81eed932e59275a31	zip
2024-07-09 19:10:19	5e29a10f09b4b630af97738ac1a5a147caef96e980a364fb9ce3f81eb6cd1b6e	zip
2024-07-09 19:10:19	af207a860fcc61521d571edd630480dd4f96b953ea077c066c0caf3ad735e37f	hta
2024-07-09 19:10:19	732704bea535f94f8a100b13596d00658f3f1faa2d6da53e049e04758cf5545a	zip
2024-07-09 19:10:18	cb047fd3d8b8ccfeca4b518403d5a72df463ecaee8b176d79db001df1d7f0275	zip
2024-07-09 19:10:18	3cc4140aef8a5143b1e9f7347c05b823ce1b5d3e85f30c57d406b85377b3097a	zip
2024-07-09 19:10:18	91124a5060101b1db3265c848317014f7c02005ce944c3d0d6c6bd50d3398737	zip
2024-07-09 19:10:18	370d45d400e340a567f2f97572b759637895bb75b8a52cd37c6478dd067e454a	zip
2024-07-09 19:10:18	dd1c03f1b9a87616a69586b7a5c9997e92a97b7372043d8725aa13074d786fb9	zip
2024-07-09 19:10:18	e5c08eb6bdd6384500063b03c285fe9a9e47c99d188366dcdc6e4962085d5da9	zip
2024-07-09 19:10:18	8c9e9a9d1c49f5512cf1c8daad48628acbfbdc417c08c39bcae088b3cc806b7c	exe	PureLogStealer
2024-07-09 19:10:17	112c24eb56262761731cd65e4cd2dd748b678f3be8c60b8d90b19c1cc55d6feb	zip
2024-07-09 19:10:17	3bba49172f912b1ac1072f0cb251cf78e5cae737345d0392be7ebefa863cb4a9	zip
2024-07-09 19:10:17	0ed7e7bf29af65c7041cf1a85ded5b959ea63b3ff7ce09abbb5906a37dddaad2	zip
2024-07-09 19:10:17	f735036ae4ba69e4cfc25b07c9852d363cf430438d838295bf3dc770c8794250	zip
2024-07-09 19:10:17	ce8f36cb260a5e3d03fab13624208d531551b5dc82e2097b9dd38707c32852de	exe	PureLogStealer
2024-07-09 19:10:17	c58318c2affce2ac641df20a1df9922a0e9781ff9ef9797230278d4d92413cf0	zip
2024-07-09 19:10:17	1284c18129b3272c9e552ea117c2971aeb04b5d6d3ebf19c5afe933b102a761b	zip
2024-07-09 19:10:17	0e76445d05b7d468da05a5cf97f4e81892a221bffa6f20dfc7b812236ea85e75	zip
2024-07-09 19:10:16	cbb67c822920db1f5ae3cdc6f99b1148c307b56390ec8aa36222dd4b9e8116e3	zip
2024-07-09 19:10:16	e96b455245e3e29c30bcbaf2836654435beca58d7e0e740fef3d5449caa6cfca	exe	PureLogStealer
2024-07-09 19:10:16	11f785b53a8509d7937a7b723b5518d6c3eb6780f570de6ce0bfeece61171136	zip
2024-07-09 19:10:16	2076e1e11a53f16f5a56139d144714ba03fa3baf134c67ce7fef26318bf9e51b	zip
2024-07-09 19:10:15	c5e7a645401cdf9877d2e761423d4d5e6c7143efe88c3edc7cca38cc0a9c098d	zip
2024-07-09 19:10:15	a1c938f6d6f428d06974283011a83e37289783589cdb7cb9a64981c2788d55bf	zip
2024-07-09 19:10:15	05681c4f3689771bea5bb4a875d5bb6e89ab8fb958ee8ebc4c8f9014cc785a67	zip
2024-07-09 19:10:15	7c3779546108272fe3256b05170dc8604ebdac279d50b6a1ff281ed9a9d11603	zip
2024-07-09 19:10:15	d172b9dfd3b2a753448948993135e3410411f6f319c8680704efe48478aa7824	zip
2024-07-09 19:10:15	0bf697f9b109d666976c529aee293e107376d79f6a3476e71076330e62afa3ed	zip
2024-07-09 19:10:15	a638981bac812e031831e470fde96dbf3c53aa0f748867d07dbd3ab07be81686	zip
2024-07-09 19:10:15	fdd87312bde12c0ea75d902a1d759d506ea621930c552216e62a0a8ba6f860f9	zip
2024-07-09 19:10:14	ce8f36cb260a5e3d03fab13624208d531551b5dc82e2097b9dd38707c32852de	exe	PureLogStealer
2024-07-09 19:10:14	65ee8d7771b52b27877312e1f9ac2ef1e99b5ec3ba4cd0d5ebf5100c66c92546	zip
2024-07-09 19:10:14	4491db76893a685c6ae5035f95a3075313d439e64fb6284eb48c881ae980d89b	zip
2024-07-09 19:10:14	ffe4a92c8dea3127bc34e0a461e5d644213ed8edfd239bd06178e217087e2ee6	zip
2024-07-09 19:10:14	92171b6e09968b8085c14da14d83185189eaa79dd94cf3b9cf6e1fd8c1ae942f	zip
2024-07-09 19:10:14	7d787575c0f7db761bc96bc46f0736fec8eefc2981db5dfd8d9f6ae229f3b9e0	zip
2024-07-09 19:10:14	16f88d94ea702db9504f04d67cae5450d89a4193cd65f901fb04fe5b9af275ba	zip
2024-07-09 19:10:14	4bab5b6801a245456e0b6970d37823f8de6a949934551f79ce58ade2f8b2802c	zip
2024-07-09 19:10:13	24812c5358e797b841851a53254d07a231964138ee9e05698177e538da824e8b	zip
2024-07-09 19:10:13	1405d349d5d4028eb774adde9cfaaf4435ffcfd371c4a15e0c3d935c1869ad80	zip
2024-07-09 19:10:13	861383ff25ac651f203eae6a9d1f96a08e03971ddb16d1c6a25c3715ec1f9d65	zip
2024-07-09 19:10:13	45c3e9417d9ba9c65023e3bd45a866f06df2e6b8ef1eb62e93811400b0b2d8dd	zip
2024-07-09 19:10:13	3e3ff369c6f3b7c8b695397878089583295860a00ee71941034fd01bb340cc02	exe
2024-07-09 19:10:13	a473400f21e74c85bb5d1affd85ed31a86ce22509a8774d7f42b244dfe723eb9	hta
2024-07-09 19:10:13	3e3ff369c6f3b7c8b695397878089583295860a00ee71941034fd01bb340cc02	exe
2024-07-09 19:10:13	1f1d58a2b6a318a224786db3cbd9e7ccb69bd80d228ef820fc9cc4d82a67c222	zip
2024-07-09 19:10:13	eede3d0f95fce728298ca27e5e56eb737968851c13f06c510c9c33545d5282c8	zip
2024-07-09 19:10:12	7da89b9c2432fa30c7248f939262e07d07dd4651029a5e080c768230bbefc38f	zip
2024-07-09 19:10:12	8d011bd18a12260b21fd2c351d54c79e9c232193b9a4064cc22ff8ad07d7ffdb	hta
2024-07-09 19:10:12	9148283a3acef843bf50f4f92e07bf4fb9ae7777a1fe063c3c5f6b8307a8bb10	zip
2024-07-09 19:10:12	3ce804b20fe2619ad5f6262f479103660c12a7fed0bfb47d3c1c5a84bdb32272	zip
2024-07-09 19:10:12	a23a7811bd27236e626631e187973cf0e6db2336452fa7a008147962aeca51c9	zip
2024-07-09 19:10:12	70bc0ed509e039bce4f445aea72b7a90d3cce16144d8f5a5301769a016c93ec6	zip
2024-07-08 07:27:10	cf98fa049491396c083dd19675a8b78c273fb9021e1219b0345dfe9fe596dc1c	unknown
2024-07-08 07:27:10	a5aa4c542f5431e919fa6b9ab93d38e1a4f55a769b4b99818ff5b20faac41df3	unknown
2024-07-08 07:27:10	f49b07a1d1def9aeadae4455194930c3023c3cd1d5e875ad92f5eb22e4e60df4	unknown
2024-07-08 07:27:10	92931a8f91d661cce0204783604ef536a4134376a9ed2e461720c7b93a129746	exe
2024-07-08 07:27:10	7730193f262273293c9e8c4202c148192c047cd31a7cb8b2b60e487c3a3929b8	unknown
2024-07-08 07:27:10	0b91154f7907ff59359c2f923b2ea91970b8a2899259c4a7713056cee656453c	exe
2024-07-08 07:27:09	840226ee14837fd6a2033c9696eabf5e488fa14c2149899560d9666bbb39ad4c	hta	CobaltStrike
2024-07-08 07:27:09	17a93e8178dfa1018e77bd199d2d2e0aa3cd44b02abffb86a2a878b883e4946d	zip	PureLogStealer
2024-07-08 07:27:09	cfe265ccda2de2913ed1b8e3bf38df40c5f02e1aaba8d45579298a9302c12b22	exe	PureLogStealer
2024-07-08 07:11:15	5017c8798a2a9102c82ab896eae71e4a294dfb1f7a44a341b7c84dab4b12209e	unknown
2024-07-08 07:11:12	e53730ae2df93f79892cf600bd43dbc822a2ac600553d9010f4f2021b71f987e	exe