URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: kqz.ugo.si
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Control D HaGeZi: Not blocked
Firstseen: 2021-07-06 12:38:03 UTC
Total malware sites: 2
Online malware sites: 0 (0%)
Offline malware sites: 2 (100%)
A record(s) observed: 7

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
| 2021-08-22 13:13:59 | 45.12.32.102 | free.ns1.sitesblog.com | Not listed | AS215224 NOVOSERVE-CUSTOMERS-AS | VG | no |
| 2021-07-27 11:04:07 | 203.159.80.40 | 203-159-80-040.static.neep.com.br | Not listed | AS268624 Gamers_Club_Ltda | BR | no |
| 2021-07-21 18:00:11 | 37.0.11.43 | | Not listed | AS3758 SINGNET | SG | no |
| 2021-07-19 08:39:39 | 37.0.8.157 | | Not listed | AS48628 CoreISP | GB | no |
| 2021-07-06 12:38:06 | 37.0.11.114 | | Not listed | AS3758 SINGNET | SG | no |
| 2021-07-21 01:49:42 | 139.59.118.78 | soicau666.net | Not listed | AS14061 DIGITALOCEAN-ASN | SG | no |

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

| Dateadded (UTC) | URL | Status | Tags | Reporter |
| 2021-07-10 22:09:06 | http://kqz.ugo.si/powerpoint.exe | Offline | 32, AgentTesla, AveMariaRAT, exe, RemcosRAT | zbetcheckin |
| 2021-07-06 12:38:06 | http://kqz.ugo.si/svchost.exe | Offline | AveMariaRAT, exe, Neshta, RemcosRAT, Xpertrat | vxvault |

The table below shows recent payloads delivered by this host.
