URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	cointra.ac.ug
Abuse complaint sent?:	Yes (2023-01-13 16:55:02 UTC to cmusisi{at}uol[dot]co[dot]ug,ksemat{at}eahd[dot]or[dot]ug)
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2023-01-13 16:52:09 UTC
Total malware sites :	1
A record(s) observed :	5

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	SBL	ASN	Country	Active?
2023-05-27 12:02:42	94.142.138.213	SBL655622	AS211522 HYPERCORELTD	FI	no
2023-05-03 13:33:07	91.215.85.135	SBL615768	AS200593 PROSPERO-AS	RU	no
2023-04-14 14:54:09	94.142.138.104	SBL655622	AS211522 HYPERCORELTD	FI	no
2023-03-16 16:48:55	91.215.85.173	SBL615768	AS200593 PROSPERO-AS	RU	no
2023-01-13 16:52:10	91.215.85.158	SBL615768	AS200593 PROSPERO-AS	RU	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2023-01-13 16:52:10	http://cointra.ac.ug/ghjk.exe	Offline	AZORult CoinMiner exe ModiLoader RecordBreaker Rhadamanthys zgRAT	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2023-08-07 14:38:55	29f5a8629986da0b4a353e5423fb39c505cba7c06e7aa4b5a4029c5a1669ae95	exe	Rhadamanthys
2023-07-19 12:37:16	bcf3266e8996bcdb7acb686034f264b07c228ce37f1212b663b636cc0317ee1a	exe	AZORult
2023-07-02 17:15:24	1253ad3ab49cde520cc0f632ad392a246b159faace4e86b0fc3358dc761beab3	exe
2023-06-28 21:13:03	2ad0a86a8c78c4ff669d22f8991b97be2ff8b9f43f70bca8edba49e7d9ca8c4d	exe
2023-06-25 03:33:08	fc6ddb1f7644597b84d14e3efa4cd1a1d1ad0083141b3fa2a613cd3c092f6505	exe	Rhadamanthys
2023-06-22 04:06:58	689237d2f44033680730daca65da6e0e40c943bfb612c8cecce0ad77177aaac8	exe
2023-06-21 21:23:00	d0e3789eb98ff74bae246b25fc6132eb8b10d46ea2ec5eeca60fc1f4ad0365f1	exe
2023-05-28 12:24:52	5d2e841645576d0eefcc6bcc6c0d480c0c6874f05a56e92441319a5c41b38979	exe	AZORult
2023-05-12 05:46:28	bf1d731a91e424fd67778f176ac652fa5ca39f2ab188ef740184e4b2808c7b3c	exe	AZORult
2023-05-11 12:44:59	79a7c9d15971c14d78baccbf211b3ca1e9adcb0befc6d3d1c5d92902d70678e2	exe	AZORult
2023-05-08 15:26:00	84c18f78f11b9bc3fd3e96925d2a7b76ab5ecfb927c377ad27456e191815b24a	exe	CoinMiner
2023-05-03 12:41:18	83263fa7b8c560ae026a24d6ea9e6eafb16aa207cc5557c65c7f71f703f3a593	exe
2023-05-01 15:58:05	e99f79618b991de5d1052096950590a4fe833b885871a96bb1202e3d6dd876a0	exe
2023-04-30 11:25:08	ff277e11345c79a60de0ba45011460629487e82e8b0b58a8ddfdfeca2d7623f5	exe
2023-04-22 13:08:20	0127ebf8628f963a453520b0149fc11fc5d0a56536ce2a41c9dfdd3c597a0746	exe	zgRAT
2023-04-18 11:51:15	b415a5cc8d0c1c960e7bc16bcb9351943b2c998f9430b1a1425b715754cc1e11	exe	ModiLoader
2023-04-14 14:54:09	c90193af8ffe050ad79402dfceb9274be08b300bc02ecb1e6394917ee50934e4	exe	ModiLoader
2023-04-11 03:41:17	f69fe47b45493435767ef633fa0788cfaafca7ce8bea782ca305c5d5627b1660	exe
2023-04-09 14:28:32	5abff7207b977da3f2978a40d0ae30cb55ebb4fffde07814712361b6379bcc33	exe
2023-04-07 15:08:36	4130ce135fbfab00618f261a0397e88479d2f61e1ed0d09ebcde525439774f3e	exe	AZORult
2023-03-23 10:10:50	6ad4c22533cf835aaafd24303e155aa431d3aa38c1746dc8fccf2924e0be4b63	exe	Rhadamanthys
2023-03-16 16:48:55	a54493e71a7f28fe61e607ba4c089ada71e13ff9e1df6cef5619a4163e2b0a1f	exe	AZORult
2023-02-05 09:16:29	4908e51e65bf67fdc3a559be7c47c3df1354a4a864b931cb176d282048f8d9c2	exe	AZORult
2023-01-13 16:52:10	8c5df030de0c79f2155a60e0d5f41889ec8d07d441279d406996dca4639f8539	exe	RecordBreaker