URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	greenpayindia.com
Domain registrar:	BigRock Solutions
Domain registration date:	2018-11-18 11:42:40 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-02-17 22:03:04 UTC
Total malware sites :	14
Online malware sites :	0 (0%)
Offline Malware sites :	14 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-02-17 22:03:10	162.241.120.180	162-241-120-180.webhostbox.net	Not listed	AS19871 NETWORK-SOLUTIONS-HOSTING	US	no
2021-11-18 14:35:13	209.99.40.222	209-99-40-222.fwd.datafoundry.com	Not listed	AS23005 SWITCH-LTD	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-10-13 07:18:05	http://greenpayindia.com/wp-conternt/ConsoleApp...	Offline	exe opendir rat RemcosRAT	abuse_ch
2021-10-07 06:40:16	http://greenpayindia.com/grren/ConsoleApp17.exe	Offline	remcos RemcosRAT	AndreGironda
2021-07-13 06:42:06	http://greenpayindia.com/ConsoleApp6.exe	Offline	RemcosRAT	AndreGironda
2021-07-10 06:31:07	http://greenpayindia.com/ConsoleApp2.exe	Offline	remcos RemcosRAT	AndreGironda
2021-07-08 17:58:04	http://greenpayindia.com/ConsoleApp131.exe	Offline	32 exe RemcosRAT	zbetcheckin
2021-07-08 07:06:04	http://greenpayindia.com/ConsoleApp15.exe	Offline	32 exe RemcosRAT	zbetcheckin
2021-07-08 03:11:40	http://greenpayindia.com/ConsoleApp17.exe	Offline	32 exe Formbook	zbetcheckin
2021-07-07 22:53:04	http://greenpayindia.com/explorer.exe	Offline	32 exe RemcosRAT	zbetcheckin
2021-07-07 22:09:04	http://greenpayindia.com/ConsoleApp5.exe	Offline	32 exe RemcosRAT	zbetcheckin
2021-07-07 19:33:05	http://greenpayindia.com/config.exe	Offline	32 exe RemcosRAT	zbetcheckin
2021-06-29 17:21:16	http://greenpayindia.com/okay/Protecteded.exe	Offline	bitrat	James_inthe_box
2021-06-25 16:37:05	http://greenpayindia.com/money.exe	Offline	bitrat exe	mattdep_
2021-02-17 22:04:04	http://greenpayindia.com/king/file/ach/login/Pr...	Offline	Encoded js	p5yb34m
2021-02-17 22:03:11	http://greenpayindia.com/king/file/ach/login/At...	Offline	Encoded	p5yb34m

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2021-10-19 16:12:08	3242e8b156688b8925a6aa109a87844a9879d35425c0197128212ab6324d90ae	exe		RemcosRAT
2021-10-13 07:18:05	b774d45c6788cc48716eee3e81002e5b74996a3c2610967f3d19115646ca4d6a	exe		RemcosRAT
2021-10-07 06:40:16	b3e18d1026779e01b6bc834a8da488eeb669e5e366ef8d495c109c0f1424d3c1	exe		RemcosRAT
2021-07-13 06:42:06	7f03d6f5a38d18082c3dd60b773921aecd203a839446a4aca4908309a004b4a4	exe		RemcosRAT
2021-07-08 17:58:04	4418451ac62d0ded7768617f213598565700604cc9856cb6b2709f1e5304c2a1	exe		RemcosRAT
2021-07-08 07:06:04	8c9ba9842e3e17a820085d913d34d20414ab7acee8106142ce04b5b2bf2581b7	exe		RemcosRAT
2021-07-08 03:11:38	607995b16cd6300fde94e5613d5c708331f0e7b2b91ea6210a0f6b3a5cbdf64f	exe		Formbook
2021-07-07 22:53:04	129b7cf64e3afecabb3a0c27fedc69cbade9c81ce3c0a5da367717bdef49f7c9	exe		RemcosRAT
2021-07-07 22:09:04	5c85d31e96aa84a80c123af889f960bbf39a7c13a2ed9e2d9644ad2e3fa366de	exe		RemcosRAT
2021-07-07 19:33:05	79861a10fcfaf967d54382b93d84ed03e5d5202cd3dfdcb599a535520360017e	exe		RemcosRAT
2021-06-29 17:21:16	90cf380fe740fe0238b6657feee9905d2f03a6945bcde6db01f24948a3a41a7a	exe		BitRAT
2021-06-25 16:37:05	06eaa572cc393d8121367c6bbebaa97068e738bd2ceee60d32b8d894af68a595	exe		BitRAT
2021-02-19 12:22:04	2b56368a321db3006976d415ae6b8ab729b68fb48e12d57fc5cf88302551de66	txt
2021-02-18 13:29:49	2dacd3b110aecb3dc377bf99f27dfbbb711a0187d9a2b0acdc7cf4f767f36ee4	txt
2021-02-17 22:03:09	e75bf726338bab72d3c909c15da31492d0bdd4e0de47a30a11a8d7111da580be	txt