URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	archbal.sbs
Domain registrar:	Namecheap
Domain registration date:	2021-11-23 18:47:34 UTC
Abuse complaint sent to registrar:	Yes (2022-01-08 08:22:31 UTC to abuse{at}namecheap[dot]com)
Domain registry:	Special Broadcasting Service
Abuse complaint sent to registry:	Yes (2022-01-08 08:22:31 UTC to ngtld-sbs{at}cscinfo[dot]com)
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-12-13 11:26:05 UTC
Total malware sites :	12
Online malware sites :	0 (0%)
Offline Malware sites :	12 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

No IP address found (domain offline?)

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-08 07:52:09	http://archbal.sbs/ewa/aza.exe	Offline	AgentTesla exe	abuse_ch
2022-01-06 09:06:04	http://archbal.sbs/ewa/tew.exe	Offline	AgentTesla exe	abuse_ch
2021-12-22 16:52:09	http://archbal.sbs/ebraznmsd/emex.exe	Offline	exe Loki	abuse_ch
2021-12-15 11:33:08	http://archbal.sbs/semx/sem.exe	Offline	AgentTesla exe	abuse_ch
2021-12-14 17:00:10	http://archbal.sbs/abnop/ab.exe	Offline	AgentTesla exe	abuse_ch
2021-12-13 19:13:14	http://archbal.sbs/merb/meb.exe	Offline	AgentTesla exe	abuse_ch
2021-12-13 19:13:10	http://archbal.sbs/donlaz11/bdal.exe	Offline	AgentTesla exe	abuse_ch
2021-12-13 19:13:09	http://archbal.sbs/benxve/abenm.exe	Offline	AgentTesla exe	abuse_ch
2021-12-13 19:09:09	http://archbal.sbs/ebraznmsd/enebz.exe	Offline	exe Loki	abuse_ch
2021-12-13 19:08:05	http://archbal.sbs/obnesx/ob.exe	Offline	exe Loki	abuse_ch
2021-12-13 19:08:05	http://archbal.sbs/nedxh11/nweds.exe	Offline	exe Loki	abuse_ch
2021-12-13 11:26:11	http://archbal.sbs/qwervy/benx.exe	Offline	AgentTesla exe	ffforward

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-01-08 07:52:09	f0fd61467adc06d117f86ff918d39f4b813d96052afe06f3056c1b117bbf9cb5	exe	AgentTesla
2022-01-06 09:06:04	ece6b51dcd930687a967523139c916c557ba515c8cd62419fc46c1d99268554a	exe	AgentTesla
2021-12-22 16:52:09	514e4130c907379cb37409bc601a566e7dc23b1267f379f16d84ee6dd54cedff	exe	Loki
2021-12-15 11:54:27	23cca5dea466cf7693d50889f30519af2b141cc3986ceb0d37f7e14e46b92aa5	exe	AgentTesla
2021-12-14 17:00:10	0ee04d0fba707a502550fb622f1e562a7b29029e24027424d34c9b5315236e1a	exe	AgentTesla
2021-12-14 12:41:11	11c493f071a37154525990bacd3c84efcdd751719ea82786a36a7503911a4d95	exe	Loki
2021-12-14 12:37:54	53d6b0c6a8f47b0f72b70d65a70b91c181071db96eac4abe3384680376c3fffc	exe	AgentTesla
2021-12-14 12:37:04	67a8a96b422ff70fdbcbcdc73f9868d1ae4481ef3a017e073afbd65e5ed54c40	exe	Loki
2021-12-14 11:35:26	6b999f2a2ffb29ab8f254b6454f49753fb1155bbb7414b0bde038ab74d5023ba	exe	AgentTesla
2021-12-14 11:32:44	4ce19eff1f4d107c79f406c0f20434ebc7eef1d369d927aefb61215f1bda9ae5	exe	AgentTesla
2021-12-14 09:07:25	524f4bee46fc825847c3ca6ff14b3d457e3a3d3629ab3b9489b6716c275976a8	exe	Loki
2021-12-13 19:13:14	de2bf39899549200e938619cc611885e56009fcb3be48662969afe82153910f2	exe	AgentTesla
2021-12-13 19:13:09	9c8deb77732ac5d561f5fdf9a6b34a079b7a3922e4c9e1306de5153dcea3a51f	exe	AgentTesla
2021-12-13 19:13:09	70afb5e05f6645b5d3974350cd322acbb30630bb169c277b39b65a0cdc7087d0	exe	AgentTesla
2021-12-13 19:09:09	c13e80ad965af2380469299e8b983362a2966d0fc5a50eeefc6dbc221238e051	exe	Loki
2021-12-13 19:08:05	5b68bc6511098e14069c0e856efe19d665835260e6cd917c8c6c732e23bc0dc3	exe	Loki
2021-12-13 19:08:05	b50d5b8185bfa8534fd19369b3226e1b62c4b5a61dd2cac4ed5f237039556fc7	exe	Loki
2021-12-13 14:49:22	2899caac6389de53536a18884426561fad7caa6244cac07aeb4451f06aeb3aba	exe	AgentTesla
2021-12-13 14:36:09	682e442108abaeb67d6c64bd2117a33140d5f31b8fd2a9dcd3dae6becc07ea33	exe
2021-12-13 11:26:11	3cd55ad06b5ef66d68fb444ab399f60954ac6712a27d106c14323b9ae64fe991	exe	AgentTesla