URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	leavemylinkpls.mooo.com
Domain registrar:	Domain.com
Domain registration date:	2000-03-24 06:27:37 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Status unknown
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-08-02 08:56:03 UTC
Total malware sites :	15
Online malware sites :	0 (0%)
Offline Malware sites :	15 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-08-02 08:56:08	192.3.110.170	192-3-110-170-host.colocrossing.com	Not listed	AS36352 AS-COLOCROSSING	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-08-31 16:46:11	http://leavemylinkpls.mooo.com/win32/DOGGY.exe	Offline	32 AgentTesla exe	zbetcheckin
2021-08-31 16:46:05	http://leavemylinkpls.mooo.com/win32/CHUCK.exe	Offline	32 exe RemcosRAT	zbetcheckin
2021-08-31 16:46:05	http://leavemylinkpls.mooo.com/win32/MAMA.exe	Offline	32 exe RemcosRAT	zbetcheckin
2021-08-31 16:24:04	http://leavemylinkpls.mooo.com/win32/chucks.exe	Offline	32 exe RemcosRAT	zbetcheckin
2021-08-27 13:03:05	http://leavemylinkpls.mooo.com/win32/dog.exe	Offline	32 AgentTesla exe	zbetcheckin
2021-08-27 12:50:08	http://leavemylinkpls.mooo.com/win32/win32u.exe	Offline	32 AgentTesla exe RemcosRAT	zbetcheckin
2021-08-18 15:26:05	http://leavemylinkpls.mooo.com/win32/RAR.exe	Offline	32 AgentTesla AveMariaRAT exe RemcosRAT	zbetcheckin
2021-08-18 15:22:05	http://leavemylinkpls.mooo.com/win32/DOC.exe	Offline	32 AgentTesla AveMariaRAT exe	zbetcheckin
2021-08-18 15:08:05	http://leavemylinkpls.mooo.com/win32/ECHEZONA.exe	Offline	32 exe RemcosRAT	zbetcheckin
2021-08-18 15:08:05	http://leavemylinkpls.mooo.com/win32/charles.exe	Offline	32 exe RemcosRAT	zbetcheckin
2021-08-18 15:04:05	http://leavemylinkpls.mooo.com/win32/warzone.exe	Offline	32 AgentTesla exe	zbetcheckin
2021-08-02 08:58:11	http://leavemylinkpls.mooo.com/win32/win32d%20-...	Offline	exe opendir RemcosRAT	abuse_ch
2021-08-02 08:58:10	http://leavemylinkpls.mooo.com/win32/win32t.exe	Offline	AgentTesla exe opendir RedLineStealer RemcosRAT	abuse_ch
2021-08-02 08:58:08	http://leavemylinkpls.mooo.com/win32/win32c.exe	Offline	exe opendir RemcosRAT	abuse_ch
2021-08-02 08:56:08	http://leavemylinkpls.mooo.com/win32/win32d.exe	Offline	AgentTesla exe RemcosRAT	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2021-09-16 10:18:41	0581160998be30f79bd9a0925a01b0ebc4cb94265dfa7f8da1e2839bf0f1e426	exe
2021-09-16 10:13:21	0581160998be30f79bd9a0925a01b0ebc4cb94265dfa7f8da1e2839bf0f1e426	exe
2021-09-05 22:16:49	7afb56dd48565c3c9804f683c80ef47e5333f847f2d3211ec11ed13ad36061e1	exe
2021-09-05 20:42:21	7afb56dd48565c3c9804f683c80ef47e5333f847f2d3211ec11ed13ad36061e1	exe
2021-08-31 16:46:11	c3e8a96f0cce0e05c66bb162f2cb23d12817e959b2ffc0d1e6c605538cad0856	exe		AgentTesla
2021-08-31 16:46:05	46add58bc9326fa9becd1c7766ad6eef4abee494de997f4df08ca35c193a2147	exe		RemcosRAT
2021-08-31 16:46:05	85445f0a808b4d25cc291adc7bf2782bcce76a011b7dbe1393426294343dd953	exe		RemcosRAT
2021-08-31 16:24:04	31825b4e2cb4053a257359fa54e809be5a3d6b991ab3f4eddb0daf87def9f7eb	exe		RemcosRAT
2021-08-30 08:23:45	fd0a98614305ca211fafe525c8beadab7f632b0ebe04aaf6afe161f699ecda18	exe		RemcosRAT
2021-08-30 08:09:45	48b05619f4c896877630fa73041518ff25a11d99fb4b12d937dfeba0612c37f8	exe		AgentTesla
2021-08-30 07:57:36	32f334c4dd449f4bb5a8fe87696f466e57ac6f499b7c9622fd0b354c166d98ab	exe		RemcosRAT
2021-08-30 07:52:50	5d1af9d6d105cd2f0abccbbdda1e355e19b4e06faa82622660892f2a0b34556c	exe		AgentTesla
2021-08-27 13:03:05	0f242e89dd3f1685ace979a248300f7f414932b8a2a75af88585c427f2758c10	exe		AgentTesla
2021-08-27 12:50:08	d2890c754ab95d16d9d1d93f680a850db565a61c68bbaf0337696bfbb485e8fa	exe		RemcosRAT
2021-08-26 11:46:30	138ef44ad62de7fbb51ef1e66c3fd1055c3989ba20ca7a4e4f083513080f9faa	exe		RemcosRAT
2021-08-26 11:46:29	35badde7665455f011683d9d8ce515444f0f12839abbd7ed7abe1d9a0d2fabbc	exe		AgentTesla
2021-08-26 11:29:00	0cdbbad2c981d41b9a576a234ecf97cfeb8ed01e869375f3fd3b782310ea1649	exe		RemcosRAT
2021-08-23 22:42:55	85ec9fb4bee90d873565b289a0165f8a543114e8f20b9725786fcb7900a36c4e	exe		AgentTesla
2021-08-23 21:18:27	1bdb2bb10581f1ff96824ff8e8ee07de970bf051d63c2c9d216ad9744dc75804	exe		RemcosRAT
2021-08-19 22:35:52	b66ed68c82ece47a67b72c1bf125a4f80a96c63692e392e0ee4a0fc05101de79	exe		AgentTesla
2021-08-19 22:20:16	b66ed68c82ece47a67b72c1bf125a4f80a96c63692e392e0ee4a0fc05101de79	exe		AgentTesla
2021-08-19 05:34:56	f30fe9ab5effac2b48718faa2429bad33a2024b68cd30ead407bdff50eb89f8b	exe		AveMariaRAT
2021-08-19 05:34:12	36cab5247296638ca5b35c4fcf864a06452718f5bf8b72fa41a620a06d9d67f1	exe		AgentTesla
2021-08-19 05:33:14	f30fe9ab5effac2b48718faa2429bad33a2024b68cd30ead407bdff50eb89f8b	exe		AveMariaRAT
2021-08-19 05:12:08	7afb56dd48565c3c9804f683c80ef47e5333f847f2d3211ec11ed13ad36061e1	exe
2021-08-19 05:07:29	7afb56dd48565c3c9804f683c80ef47e5333f847f2d3211ec11ed13ad36061e1	exe
2021-08-18 15:26:05	d37c9cd4c34022b4147131342718ffdc98136591ed1c2903a9fac85834f31869	exe		RemcosRAT
2021-08-18 15:22:04	f4d3d1d7abd51b08b3bad84d718cb3beaf9d0513422ce276ea2cc2617c3cf889	exe		AveMariaRAT
2021-08-18 15:08:05	aeca027731726d15576b3d43b36b2624d5120694a28ee8d9704df4127a1e6a23	exe		RemcosRAT
2021-08-18 15:08:05	5f2e93f3e9d00c5ddfccca8a646d2ca7e55789ddb0bb4a61be63db3a82fd623d	exe		RemcosRAT
2021-08-18 15:04:05	2247beed02b63fa71ad203041bc7a189ae0523030fac7baef8d90207ecf1333f	exe		AgentTesla
2021-08-05 02:36:05	c64129ee795961963a0df968f6f460704f8bbe0622bea2e8958109a67e1c471a	exe		RemcosRAT
2021-08-03 15:24:29	efb476a38cb543e7918190d477a0d13b7551e19ab971f0047c8006e319261102	exe		RemcosRAT
2021-08-03 07:12:14	7afb56dd48565c3c9804f683c80ef47e5333f847f2d3211ec11ed13ad36061e1	exe
2021-08-03 06:41:49	43529598ea9bcb9fb6fd47e9554afbc39388856dee239751ba45c18186ac7346	exe		AgentTesla
2021-08-02 23:32:38	61a0fc1f588b046ec75d0aec7c974161c737ef4a7572f33e4a2f96bfca983134	exe		RedLineStealer
2021-08-02 08:58:11	0afd6d772b09767847f0635c5e1e56d51ab97997bcd5cf82701f2159195065e7	exe		RemcosRAT
2021-08-02 08:58:10	7afb56dd48565c3c9804f683c80ef47e5333f847f2d3211ec11ed13ad36061e1	exe
2021-08-02 08:58:08	7afb56dd48565c3c9804f683c80ef47e5333f847f2d3211ec11ed13ad36061e1	exe
2021-08-02 08:56:07	0afd6d772b09767847f0635c5e1e56d51ab97997bcd5cf82701f2159195065e7	exe		RemcosRAT