URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-04-01 12:39:11	https://feelgreatnow.co/dpp28FA0.bin	Offline	encrypted Formbook GuLoader	abuse_ch
2020-03-31 17:14:04	https://feelgreatnow.co/pp467EB00.bin	Offline	encrypted Formbook GuLoader	abuse_ch
2020-03-25 12:45:12	https://feelgreatnow.co/papsA88F.bin	Offline	encrypted Formbook GuLoader	abuse_ch
2020-02-23 00:11:06	https://feelgreatnow.co/Y37437473.fdg	Offline		ps66uk
2020-01-30 10:23:24	https://feelgreatnow.co/jj_6B13.txt	Offline	Formbook	vxvault

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2020-04-01 12:39:11	2785c90e8f4d0d0740cdb2a9d19af571edce3ea01e7c7902a98b871aaa126e6f	unknown
2020-03-31 22:29:08	95d3e0b31d3b328d96898760ee6bab18ba6daf69871850bb526e1bfe60052645	unknown
2020-03-25 12:45:12	6f196dbe607f57486750f12f0ad2114b380b21568acac5dcb4f8fd3a0a49ae77	unknown
2020-02-23 00:11:06	95fa7f592694f05f679ece4a181ffcb112b9a9510c2f2efb16b860b08b9e330a	exe
2020-01-30 10:23:23	29a7cdec52ae4d9aadae9d215f8efbb3282cb2d74262a32a701bc5ecfc88e320	exe		FormBook