URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	eurex.ps
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-03-18 07:18:03 UTC
Total malware sites :	11
Online malware sites :	0 (0%)
Offline Malware sites :	11 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-03-18 07:18:05	192.185.155.188	192-185-155-188.unifiedlayer.com	Not listed	AS19871 NETWORK-SOLUTIONS-HOSTING	US	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-03-19 15:07:13	http://eurex.ps/vespa/betnal.exe	Offline	exe RemcosRAT	abuse_ch
2021-03-19 15:06:56	http://eurex.ps/vespa/regsvcxm.exe	Offline	exe SnakeKeylogger	abuse_ch
2021-03-19 15:06:52	http://eurex.ps/vespa/mancy.exe	Offline	exe RemcosRAT	abuse_ch
2021-03-18 19:01:04	http://eurex.ps/bomx/abnol.exe	Offline	AgentTesla exe opendir	abuse_ch
2021-03-18 18:54:04	http://eurex.ps/bomx/mcnam.exe	Offline	exe opendir RemcosRAT	abuse_ch
2021-03-18 18:51:05	http://eurex.ps/bomx/ndena.exe	Offline	AgentTesla exe opendir	abuse_ch
2021-03-18 18:51:05	http://eurex.ps/bomx/mbena.exe	Offline	AgentTesla exe opendir	abuse_ch
2021-03-18 18:51:04	http://eurex.ps/bomx/doglox.exe	Offline	AgentTesla exe opendir	abuse_ch
2021-03-18 09:42:05	http://eurex.ps/english/okl/xckex.exe	Offline	AgentTesla exe	zbetcheckin
2021-03-18 07:18:09	http://eurex.ps/bomx/4IM6UdbDirEU0hR.exe	Offline	exe opendir SnakeKeylogger	abuse_ch
2021-03-18 07:18:05	http://eurex.ps/bomx/abman.exe	Offline	AgentTesla exe opendir	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2021-03-19 20:39:48	90089cb8df29d4d8169975ce0545f298aa830376a12a097722ec7f8ef9317760	exe	AgentTesla
2021-03-19 15:07:13	6b6d820ce1c8df1c795e938995133201a5c75ad3989cd51568323b671ecf8109	exe	RemcosRAT
2021-03-19 15:06:56	4646cdc649c3d1a2c68fdf4f40f1006b55ed3d30bbe0e07b2e27ac91edcdba21	exe	SnakeKeylogger
2021-03-19 15:06:52	ead243034e5816a6899ee5a8aa2582c58824bbb06967a25ca2811f83457c9b46	exe	RemcosRAT
2021-03-19 13:40:42	1e610d9e5c54f5f5ecece3d88d3d1787fca89cc1975f56cc352e4963e977c3cb	exe	SnakeKeylogger
2021-03-18 19:01:04	8a3e6eba5ffc2a598f2f7d4b2c1a73c845f8c1660ed47c0cdc1df48844f7f1eb	exe	AgentTesla
2021-03-18 18:54:04	38e003f280936ad6c0cacd7a57e6864de55b11058f5c0d45f8b3e42313bfdf84	exe	RemcosRAT
2021-03-18 18:51:05	4c83b9a705090f3edd4f8f1322ec609b7a04d59d03b390681c3708c61341eb1a	exe	AgentTesla
2021-03-18 18:51:05	aa128e8000ef9197eed67a5b6f27454e0c1b1878ed7546394fde472d42836eb9	exe	AgentTesla
2021-03-18 18:51:04	83bf33f59a2317bc1dd4457798cae79e2d607d511cf12c3c0cff36886fe20d19	exe	AgentTesla
2021-03-18 09:42:05	2879f1773178be4e0cfea138616e306939389d4d5d55ef94269cda0998cd3244	exe	AgentTesla
2021-03-18 08:33:22	993ff110af136acf1200dd8ad51a4b284a0e2086efffce49d6e3fd759e607420	exe	SnakeKeylogger
2021-03-18 08:27:59	9ecab8874967c53279d62d6fece35433adf4d296ac81d255e7ea61bea88d399a	exe	AgentTesla
2021-03-18 07:18:09	8bf700d82610f1f93068727641d03f699d81b35a8d906f05d00f1853f8be78c0	exe	SnakeKeylogger
2021-03-18 07:18:04	1c7866cbbb7548f836766e024e6bf9d4d300493b83dbeebdcba8b1deff8e35cb	exe	AgentTesla