URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: gdcgroup.vn
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2022-12-05 15:20:17 UTC
Total malware sites :5
Online malware sites :0 (0%)
Offline Malware sites :5 (100%)
A record(s) observed :3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-05-01 16:43:29 45.252.250.30Not listedAS63760 AZDIGI-AS-VN- VNyes
2022-12-05 15:20:33 112.213.89.74honey.dotvndns.vnNot listedAS45544 SUPERDATA-AS-VN- VNno
2025-04-28 05:02:09 103.77.162.41hampton.maychu.cloudNot listedAS45544 SUPERDATA-AS-VN- VNno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2023-03-21 22:08:08http://gdcgroup.vn/wp-admin/0ipWMQYggLOD8Waf/Offlinedll emotet ext epoch4 heodo ext zip Cryptolaemus1
2023-03-16 20:52:15http://gdcgroup.vn/wp-admin/XhSB9nYvO/Offlinedll emotet ext epoch5 heodo ext Cryptolaemus1
2022-12-19 21:39:39https://gdcgroup.vn/nqu/index.phpOfflineBB11 img iso Qakbot ext qbot ext Quakbot ext TR TR23 zip Cryptolaemus1
2022-12-06 17:22:48https://gdcgroup.vn/ti/index.php?QBOT.zipOfflineBB09 Qakbot ext qbot ext Quakbot ext TR U12 vhd zip Cryptolaemus1
2022-12-05 15:20:33https://gdcgroup.vn/lqau/index.php?QBOT.zipOfflineBB09 N54 Qakbot ext qbot ext Quakbot ext TR vhd zip Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2023-03-23 23:15:41a851f1ef377b9e8090aea7becd698e0bd8172b79889adb2f8fb72d1fb587fc96zip Heodo
2023-03-23 20:34:574b36fc534a0dca5c20f559ba22228183d3b3bb460549a71e425ffb0e778735bdzip Heodo
2023-03-23 18:24:38e76e8092b2486d3bf98b585972018778bbfdd653d6868b5110dfe40b9309fdf1zip Heodo
2023-03-23 17:15:034876af5b884a181998ffe23fbd4dfbff2eefa40f3e8bfe1651115efe2615b449zip Heodo
2023-03-23 10:12:312ef3845aecc2434d44a8c639bd8688aaf143a53d65b5588a0674c3c915a1dab3zip  
2023-03-23 08:17:594727497f6d03a2e2dfaef86683fcd909e9d75c7101176cf15b17724e26a766cbzip Heodo
2023-03-23 06:45:39e8be0bf2cdba9852d530b309a7f0e27e89e07afb3fc3b5ac6fcd887fe8ad2c86zip Heodo
2023-03-23 03:45:31e6275faa1b9c032cc7d1df4a44ecd9fcdc92751048940c9e79b7b6f84933ddadzip Heodo
2023-03-23 02:25:22efa4593f7020f569712e8150e73a3b14b3247c5771bb6b11058682ca066bf6b9zip Heodo
2023-03-23 02:07:588451e6c24f691ca5fbb81587caf3a1a7496560d2c8c1382baa5ac464bd6d02f3zip Heodo
2023-03-22 23:45:0552b701da99e5e228ba72db97e38458ef611d897f5b7519c93a0d0dca64af44e7zip Heodo
2023-03-22 20:03:167c26e7b171ed1d3831ab2836460ecf633cebd0043f0d495c251d54158844812ezip Heodo
2023-03-22 18:43:088c0aff472bffb948ea236bdc9ae8972c81d9b81a9e9365f62e1c055a6a00f9cbzip Heodo
2023-03-22 17:16:40bcd96d332a01819232e8423d5d52431eda112f5d39462b6303a5acbd64a76c12zip Heodo
2023-03-22 10:23:4268e36860b301530ea38441c9c3233b877917f269a05a5424ac40cbbf7c629449zip Heodo
2023-03-22 08:11:396389274eaaa892a33fe09fbf6bc85a08aab3577bbeb48ca0afb66a93eb5f68d7zip Heodo
2023-03-22 06:57:488bda787264afb5ee3dff44601a336aec4eb788bac8f4f3cb6767f37d75cef57azip Heodo
2023-03-22 01:55:31a305ef364383baceee4808260d15784fb7a2a5a787e390138d9266aaa5e0ff23zip Heodo
2023-03-21 23:50:297c92a1613c16ae9c2d401d18e1b13a58a7c96e85ee48ff3a68250ca2e35f00d1zip Heodo
2023-03-21 22:08:089dcf4ee48d9b986ad1c8e55ea10f51c3ce8067ca99daca0ab7d0b37f3106e1b6zip Heodo
2023-03-17 10:16:12fd79e8fa5e3801101a1305b6aba7a5e7fdc852ed9036d6d9a5210be414a5cc5adllHeodo
2023-03-16 22:48:080b8682fe1ee1d9a8ad485452179e9c8651c682660591077e0fb7077e89af81bddllHeodo
2023-03-16 20:52:14b6dac05e61ee711e5e56ab6dea94ae3d400897ecc76544a0c6fd9817ac91ec88dllEmotet
2022-12-20 14:06:4913a1612b9477de500c2170690e22ff11f88e0a4cbf0ee63a6994135b23485680pdf  
2022-12-06 17:22:48f08dc7a5f120f8ee8ec94a570a193e2aadc11b7a5c810d9ab5251b655788f1c0zip  
2022-12-05 15:20:338ddc5bedf8d951ac07deb38a08c371d847c1cea46b7be0394dfa1df3db017753zip