URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	94.198.53.143
Firstseen:	2023-12-03 12:58:03 UTC
Total malware sites :	24
Online malware sites :	0 (0%)
Offline Malware sites :	24 (100%)

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2023-12-03 12:58:09	94.198.53.143	s706251.srvape.com	Not listed	AS56694 SmartApe	RU	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-12-03 12:58:28	http://94.198.53.143:8000/WILD_PRIDE.exe	Offline	Sliver	abus3reports
2023-12-03 12:58:26	http://94.198.53.143:8000/ngrok.exe	Offline	exe hacktool ngrok	abus3reports
2023-12-03 12:58:24	http://94.198.53.143:8000/native_dropper	Offline		abus3reports
2023-12-03 12:58:16	http://94.198.53.143:8000/VmManagedSetup.exe	Offline	SystemBC	abus3reports
2023-12-03 12:58:15	http://94.198.53.143:8000/hyp.bat	Offline		abus3reports
2023-12-03 12:58:15	http://94.198.53.143:8000/NG2.bat	Offline		abus3reports
2023-12-03 12:58:15	http://94.198.53.143:8000/LOGOFALL1.bat	Offline		abus3reports
2023-12-03 12:58:14	http://94.198.53.143:8000/def1.bat	Offline		abus3reports
2023-12-03 12:58:14	http://94.198.53.143:8000/z1.bat	Offline		abus3reports
2023-12-03 12:58:13	http://94.198.53.143:8000/delbackup.bat	Offline		abus3reports
2023-12-03 12:58:12	http://94.198.53.143:8000/setup_uncnow.msi	Offline	AteraAgent	abus3reports
2023-12-03 12:58:12	http://94.198.53.143:8000/Posh_v2_dropper_x64.exe	Offline		abus3reports
2023-12-03 12:58:10	http://94.198.53.143:8000/py_dropper.sh	Offline		abus3reports
2023-12-03 12:58:10	http://94.198.53.143:8000/LOGOFALL.bat	Offline		abus3reports
2023-12-03 12:58:09	http://94.198.53.143:8000/NG1.bat	Offline		abus3reports
2023-12-03 12:58:09	http://94.198.53.143:8000/atera_del2.bat	Offline		abus3reports
2023-12-03 12:58:09	http://94.198.53.143:8000/shadowGuru.bat	Offline		abus3reports
2023-12-03 12:58:09	http://94.198.53.143:8000/z.bat	Offline		abus3reports
2023-12-03 12:58:09	http://94.198.53.143:8000/atera_del.bat	Offline		abus3reports
2023-12-03 12:58:09	http://94.198.53.143:8000/ON.bat	Offline		abus3reports
2023-12-03 12:58:09	http://94.198.53.143:8000/backup.bat	Offline		abus3reports
2023-12-03 12:58:09	http://94.198.53.143:8000/clearlog.bat	Offline		abus3reports
2023-12-03 12:58:09	http://94.198.53.143:8000/defendermalwar.bat	Offline		abus3reports
2023-12-03 12:58:09	http://94.198.53.143:8000/shadow.bat	Offline		abus3reports

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2023-12-12 07:58:08	cbe8f990dd08b3f7566b118a3e99fa0d21b1ec39210a7b0ba86a15c681a9b85e	exe	Sliver
2023-12-03 12:58:28	1aecadf489a6dd7a3a6e5dfda9425673a9d04d38a5cb6b0b8f961536c11237ed	exe	Sliver
2023-12-03 12:58:26	1b60097bf1ccb15a952e5bcc3522cf5c162da68c381a76abc2d5985659e4d386	exe
2023-12-03 12:58:23	039bf780ae46875945344af489a590c5b7a36d458372a3173b55b3dc3559dfff	elf
2023-12-03 12:58:16	cc4960939a41d6a281ddad307b107e16214f4aeda261c9b5037f26e60dc7bba2	exe	SystemBC
2023-12-03 12:58:15	08d40a402b3754e52e4e86003bffddfdccbceefd335f53591f4cf715f8d30321	bat
2023-12-03 12:58:15	d97e2e5e6b23ee0f1efa7326d7ac3240a0df9770bf7c2992eec890f073c9cada	bat
2023-12-03 12:58:15	3691dbb1834db4eb8ef4c195d26779b87db267a56f2ebca6c146a53fb8adb9c0	bat
2023-12-03 12:58:14	0e626e01d3ae7840aa486468f40138284ccbd70dfe336a6b5d4008d01eb79988	unknown
2023-12-03 12:58:14	a668a98e57c03decf6ea76bb32f67f3f077ef2277e57f4117d44f4342977fddf	bat
2023-12-03 12:58:13	6cff22a3ea7c054075b9aded5933587bf997623183539e10e426d103d604f046	unknown
2023-12-03 12:58:12	63229da1bed0c0eafc4ed087651af3eec521e7fbd098300f7d862582d03a675d	exe
2023-12-03 12:58:12	91d9c73b804aae60057aa93f4296d39ec32a01fe8201f9b73f979d9f9e4aea8b	msi	AteraAgent
2023-12-03 12:58:10	03b3c37300bf9dcfaa4594e86841b70263324dda305484fb268b27deb09f936c	unknown
2023-12-03 12:58:09	512beb7dfa9fdbc8be7fbf59c7bec7911296f9e36c8a3d3b95e7aef4a88bf09c	unknown
2023-12-03 12:58:09	2bcd5702a7565952c44075ac6fb946c7780526640d1264f692c7664c02c68465	bat
2023-12-03 12:58:09	beb5022543a1e12e1f8f5ffe5d520e5fc9cf623aea512cfb43ea2f8c2897420c	unknown
2023-12-03 12:58:09	5b43428452a867ad61554d763c8f19ca4cd8af8c31194304785e9e45f9258441	bat
2023-12-03 12:58:08	7e623f907b4a4c924cd8af3bf4b8df45b6f904723cbb26ec87cfe7792388afe1	bat
2023-12-03 12:58:08	38283b775552da8981452941ea74191aa0d203edd3f61fb2dee7b0aea3514955	bat
2023-12-03 12:58:08	ea7dec8fa52d2300350367691ae2fbea13dbd5bf80d6b43b05eedf197529aa77	unknown
2023-12-03 12:58:08	b0056bef817408449470d3fa43e13cbc89cabdae795b1dc8cbe9905c5946f530	unknown
2023-12-03 12:58:08	09f91e90a1604a633c00d6039581f552603421356cb1edb62e085b32ff01b94e	bat
2023-12-03 12:58:08	87ab1707a553557b10fa721a32f053fbb40d11de6f692e96e067d03316fe530b	unknown