URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: btgapp.club
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Control D HaGeZi: Not blocked
Firstseen: 2020-07-01 12:37:34 UTC
Total malware sites: 12
Online malware sites: 0 (0%)
Offline malware sites: 12 (100%)
A record(s) observed: 1

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2020-07-01 12:37:37 | 185.203.243.211 | free.example.com | Not listed | AS204601 PODAON | NL | no |

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2020-07-01 23:39:35 | http://btgapp.club/hta1.exe | Offline | exe, Formbook | p5yb34m |
| 2020-07-01 23:17:34 | http://btgapp.club/tg3.exe | Offline | exe | p5yb34m |
| 2020-07-01 18:33:07 | http://btgapp.club/tg2.exe | Offline | AgentTesla, exe | zbetcheckin |
| 2020-07-01 18:24:03 | http://btgapp.club/tg1.exe | Offline | AgentTesla, exe | zbetcheckin |
| 2020-07-01 12:44:33 | http://btgapp.club/hta3.exe | Offline | | vxvault |
| 2020-07-01 12:43:08 | http://btgapp.club/db1.exe | Offline | RedLineStealer | vxvault |
| 2020-07-01 12:42:35 | http://btgapp.club/db2.exe | Offline | AgentTesla | vxvault |
| 2020-07-01 12:41:33 | http://btgapp.club/fl3.exe | Offline | | vxvault |
| 2020-07-01 12:40:36 | http://btgapp.club/fl1.exe | Offline | RaccoonStealer, RedLineStealer | vxvault |
| 2020-07-01 12:39:34 | http://btgapp.club/db3.exe | Offline | | vxvault |
| 2020-07-01 12:38:10 | http://btgapp.club/hta2.exe | Offline | AgentTesla | vxvault |
| 2020-07-01 12:37:37 | http://btgapp.club/fl2.exe | Offline | | vxvault |

The table below shows recent payloads delivered by this host.
