URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	crc2k18.mooo.com
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-07-02 07:51:19 UTC
Total malware sites :	8
Online malware sites :	0 (0%)
Offline Malware sites :	8 (100%)
A record(s) observed :	6

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2020-07-02 22:46:38	2.44.30.94	net-2-44-30-94.cust.vodafonedsl.it	Not listed	AS30722 VODAFONE-IT-ASN	IT	no
2020-07-09 13:08:38	2.44.29.236	net-2-44-29-236.cust.vodafonedsl.it	Not listed	AS30722 VODAFONE-IT-ASN	IT	no
2020-07-03 19:31:35	109.115.2.48	net-109-115-2-48.cust.vodafonedsl.it	Not listed	AS30722 VODAFONE-IT-ASN	IT	no
2020-07-02 07:51:21	109.115.12.186	net-109-115-12-186.cust.vodafonedsl.it	Not listed	AS30722 VODAFONE-IT-ASN	IT	no
2020-07-03 19:23:01	93.146.111.94	net-93-146-111-94.cust.vodafonedsl.it	Not listed	AS30722 VODAFONE-IT-ASN	IT	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-07-02 09:17:39	http://crc2k18.mooo.com/rm82/explorer_ga.exe	Offline	exe	zbetcheckin
2020-07-02 09:17:06	http://crc2k18.mooo.com/rm82/explorer.exe	Offline	exe njRAT	zbetcheckin
2020-07-02 09:16:34	http://crc2k18.mooo.com/rm82/crk/explorer.exe	Offline	exe njRAT	zbetcheckin
2020-07-02 09:12:14	http://crc2k18.mooo.com/rm82/fl_register.exe	Offline	exe	zbetcheckin
2020-07-02 09:12:07	http://crc2k18.mooo.com/rm82/crk/nan-crc.exe	Offline	exe NanoCore	zbetcheckin
2020-07-02 09:08:08	http://crc2k18.mooo.com/rm82/nostart.exe	Offline	exe njRAT	zbetcheckin
2020-07-02 09:04:31	http://crc2k18.mooo.com/rm82/crk/svchost.exe	Offline	exe	zbetcheckin
2020-07-02 07:51:21	http://crc2k18.mooo.com/rm82/svchost.exe	Offline	exe ImminentRAT	zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-07-02 09:17:38	8179d0b5e1307621aa793c502a89ac3b7aba833f3b4fc815f99d0dbc85aa7c06	exe
2020-07-02 09:17:06	e03048adb97369b3fc2540acfdb0eae83fb30beefc29569e58b83a10f1fdb56a	exe	njrat
2020-07-02 09:16:34	8ba4683609c189074ab6b0db891787424f225abb21a5df2261587b07f6b63f19	exe	njrat
2020-07-02 09:12:14	8759d45e142c15d4e4cc63fc147114ef52bb57623710552c4ba76f43face2524	exe
2020-07-02 09:12:07	cbaa36e6dfc82d307e840bb2ed3e1322fb07b5086530abee2ae29fa99a355b26	exe	NanoCore
2020-07-02 09:08:08	dc0fd82b7d5439584830c90b28738ebb3f8d48e6c4734bb5945e9589455336b7	exe	njrat
2020-07-02 09:04:31	903dd6a9509f049c71809da7d5b611929d9d748fb69b6e0c05fe141e99862169	exe
2020-07-02 07:51:20	4af607b8f0a25a2125d39656c45466ce256e10d053c7e4b1b230ea839648b076	exe	ImminentRAT