URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	94.156.79.77
Firstseen:	2024-04-21 16:42:03 UTC
Total malware sites :	15
Online malware sites :	0 (0%)
Offline Malware sites :	15 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2024-04-21 16:42:06	94.156.79.77		Not listed	AS57043 HOSTKEY-AS	NL	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-04-24 09:37:27	http://94.156.79.77/Aqua.ppc	Offline	elf	ClearlyNotB
2024-04-23 14:43:05	http://94.156.79.77/Aqua.sh4	Offline	32 bashlite elf gafgyt mirai renesas	zbetcheckin
2024-04-23 14:43:05	http://94.156.79.77/Aqua.m68k	Offline	32 elf mirai motorola	zbetcheckin
2024-04-23 14:43:05	http://94.156.79.77/Aqua.arm6	Offline	32 arm elf mirai	zbetcheckin
2024-04-23 14:43:05	http://94.156.79.77/Aqua.arm4	Offline	32 arm elf mirai	zbetcheckin
2024-04-23 14:43:05	http://94.156.79.77/Aqua.arm5	Offline	32 arm elf mirai	zbetcheckin
2024-04-23 14:42:07	http://94.156.79.77/Aqua.i686	Offline	32 elf intel mirai	zbetcheckin
2024-04-23 14:42:07	http://94.156.79.77/Aqua.x86	Offline	32 elf intel mirai	zbetcheckin
2024-04-23 14:42:07	http://94.156.79.77/Aqua.x86_64	Offline	64 elf mirai	zbetcheckin
2024-04-23 14:42:06	http://94.156.79.77/Aqua.mpsl	Offline	32 elf mips mirai	zbetcheckin
2024-04-23 14:42:06	http://94.156.79.77/Aqua.spc	Offline	32 elf mirai sparc	zbetcheckin
2024-04-23 14:07:06	http://94.156.79.77/wget.sh	Offline	ascii	geenensp
2024-04-21 17:46:03	http://94.156.79.77/sh.sh	Offline	ascii	geenensp
2024-04-21 16:43:05	http://94.156.79.77/Aqua.mips	Offline	32-bit elf mips mirai	geenensp
2024-04-21 16:42:06	http://94.156.79.77/Aqua.arm7	Offline	32-bit arm elf mirai	geenensp

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2024-04-24 09:37:27	87b99e769615fe3aa5e55019cf88fa96972e7021dc49ba21fff21a2351af4de9	elf
2024-04-23 14:43:05	75600ccfde87375df9385bfc70f8153b9926b702446e616076518a6a21037b8d	elf	Mirai
2024-04-23 14:43:05	130c8fc7a6e5e3a0f3bd8c2bbf231af16a478603706d7f670f3eb0f0742d78ad	elf	Mirai
2024-04-23 14:43:05	be9ac23bde9eee1edf019e78698e6622a5e43142b653f26ba43fa1925330b00b	elf	Mirai
2024-04-23 14:43:05	159497c764b01330a7b101f88480d261ed9447639e54fc0fa0c7837ec1cd122b	elf	Mirai
2024-04-23 14:43:05	a757c63a3b1fd90cd245c9590266906aac0d02712049cb6873f0e2c2adc3b4c9	elf	Mirai
2024-04-23 14:42:07	054cac1cb6e624d93aac3074231554bf683185e9316504bdf26a3c758dd602fb	elf	Mirai
2024-04-23 14:42:07	218bc4e1f04e2748857d01ea8bd9d8fd84bc77346c5c7a21f36d576262b40756	elf	Mirai
2024-04-23 14:42:07	3747e97b4f60e1c0495ab4e0ce8c604d633d553346fa83fc3d8a18058cecacf6	elf	Mirai
2024-04-23 14:42:06	4e3ea3385ea84d2ad76cb34eb7188aff681a5a2513b3922f12846dc4d4ba2495	elf	Mirai
2024-04-23 14:42:06	1e701d79f91e41daf8487f7736ea15513618ef7f58973a6cd633849a571eddcf	elf	Mirai
2024-04-23 14:07:06	4eb41fe8f17a7cbd85e2ea1bcc68a7e153990eeeb714036082c6c725011c275c	unknown
2024-04-23 07:22:56	a93baabdfac2c9c92059075ff04c0d74da65c6f00b84f5e880792ecf9b71aac8	elf	Mirai
2024-04-23 07:02:41	053cdf9b979fbd6a898e2227bb11dbd103df5e4b0bee9db737fa4426439c739e	elf
2024-04-21 16:43:05	15283496148f7be9388219dfeacbadcf0a2b7e249cb5317dfb9d851a7f6115c7	elf	Mirai
2024-04-21 16:42:05	8503c9871375c4f75ed00cf486f05307687477935898547e7ef83ce7c724c110	elf	Mirai