URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: grupodulcemar.pe
Domain registrar: n/a
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Blocked
ProtonDNS :Not blocked
OpenBLD :Blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2024-12-07 14:36:07 UTC
Total malware sites :17
Online malware sites :0 (0%)
Offline Malware sites :17 (100%)
A record(s) observed :1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2024-12-07 14:36:21 161.132.57.101yl-huanta.yachay.peNot listedAS3132 Red_Cientifica_Peruana- PEyes

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2024-12-09 14:46:21https://grupodulcemar.pe/H8hsp6zrMtJI2hC.exeOfflineexe RemcosRAT ext abus3reports
2024-12-09 14:46:16https://grupodulcemar.pe/PO076567890000.exeOfflineexe RemcosRAT ext abus3reports
2024-12-09 14:46:14http://grupodulcemar.pe/factura098765678.exeOfflineexe Loki ext abus3reports
2024-12-09 14:46:02http://grupodulcemar.pe/DFSA0987789000PO.exeOfflineexe Loki ext abus3reports
2024-12-09 14:45:58http://grupodulcemar.pe/FACTURA-09876RT567800.exeOfflineexe SnakeKeylogger ext abus3reports
2024-12-09 14:45:09http://grupodulcemar.pe/FACT0987789000900.exeOfflineexe SnakeKeylogger ext abus3reports
2024-12-09 14:44:58https://grupodulcemar.pe/IB9876789000.exeOfflineexe RemcosRAT ext abus3reports
2024-12-09 14:44:23http://grupodulcemar.pe/na56785590-.exeOfflineexe abus3reports
2024-12-09 14:44:19https://grupodulcemar.pe/PHJG9876789000.exeOfflineexe SnakeKeylogger ext abus3reports
2024-12-09 14:44:17http://grupodulcemar.pe/INVOICE-9876.exeOfflineexe RemcosRAT ext abus3reports
2024-12-09 14:44:14https://grupodulcemar.pe/FDR9876567000.exeOfflineexe abus3reports
2024-12-08 16:38:12http://grupodulcemar.pe/PHJG9876789000.exeOfflineSnakeKeylogger ext abus3reports
2024-12-07 14:43:16https://grupodulcemar.pe/FACTURA-0987678.exeOfflineRemcosRAT ext abus3reports
2024-12-07 14:43:16http://grupodulcemar.pe/INVOICE09000.batOfflinebat RedLineStealer ext abus3reports
2024-12-07 14:43:15http://grupodulcemar.pe/FACTURA09876567000.batOfflineautoinject bat Loki ext abus3reports
2024-12-07 14:36:21http://grupodulcemar.pe/factura.exeOfflineRemcosRAT ext abus3reports
2024-12-07 14:36:21http://grupodulcemar.pe/ION67898700.cmdOffline abus3reports

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2024-12-09 19:55:0828331e2705bf58bd76a9f8ba0f0a431b762eaf6e4284dbf12f1453dd3fecf281exeRemcosRAT
2024-12-09 14:46:208dfdaaecfa4a530b2828a88e10859aab01ef8ec3072b623ce878d123e657adabexe RemcosRAT
2024-12-09 14:46:16cec4f49a5374bf025bd1ccd700897e017be1e67ca6bc248dae9131a85db91c42exe RemcosRAT
2024-12-09 14:46:13be789d9c5185f7f04ddb78f2b39f9dd7415080c4d975139fc612158b0b3a5badexeLoki
2024-12-09 14:45:59afd5885712157bf7e51471f21b977788084aa78bf58d45287b4043edb2ee3495exeLoki
2024-12-09 14:45:57d9b66f2580bd43a5b03487e161d925c63b3d485d22d71607060eb07e453c03d7exeSnakeKeylogger
2024-12-09 14:45:06f3530f9d52d1ba3ed70cc5d603cf0a83771027cda5fd545206e1688589ef69fdexe SnakeKeylogger
2024-12-09 14:44:577053c8d9983dc949e5d559ba1b006b8ba9c059a23e06cd87c857c3d04201381bexeRemcosRAT
2024-12-09 14:44:22656e1bcadf18f78e0a1480beda30b3be8a3aee636c758e30247e2126ad6bed98exe  
2024-12-09 14:44:186328f5ad5d16dbe08046450470e8ca083f07a10aa97401b0425a59d224492b13exeSnakeKeylogger
2024-12-09 14:44:139a32e0821da4466b858ecfd185f3d9bff232d8a3b44983988c248df05ef7c2efexe  
2024-12-08 16:38:126328f5ad5d16dbe08046450470e8ca083f07a10aa97401b0425a59d224492b13exeSnakeKeylogger
2024-12-07 14:43:1649e8a1f12fb5202470604efe01c0d60949d20d302a76aed85b2a049e91266366exeRemcosRAT
2024-12-07 14:43:1578c03c14c48633ac3b310533e338aa8e707d044ea14c1c75ea99c16344159eb2exe RedLineStealer
2024-12-07 14:43:15ecc61fe635e2cdb0859441ef90e330230094e7514cf00cb48829e136d713b63bexeLoki
2024-12-07 14:36:20e51f50b3f520e3de0f0916e0291ad093aa0c50f6c81010001ce5aa2aee88f7b0exeRemcosRAT
2024-12-07 14:36:2018b0b89a23de3f707f105b26ac1890a0c3f1ec97c922b6b0894d6c1e86801b04exe