URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: markalsf.ru
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Blocked
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2020-10-10 01:05:04 UTC
Total malware sites :2
Online malware sites :0 (0%)
Offline Malware sites :2 (100%)
A record(s) observed :3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2021-07-02 10:15:18 109.70.26.37expirepages-kiae-1.nic.ruNot listedAS48287 RU-CENTER- RUno
2021-07-02 10:15:18 194.85.61.76expirepages-kiae-2.nic.ruNot listedAS48287 RU-CENTER- RUno
2020-10-10 01:05:08 217.8.117.77Not listedAS49505 SELECTEL- TMno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2020-10-10 01:05:12http://markalsf.ru/zxcv.EXEOfflineArkeiStealer ext RaccoonStealer ext JAMESWT_MHT
2020-10-10 01:05:08http://markalsf.ru/zxcvb.exeOfflineAZORult ext RaccoonStealer ext JAMESWT_MHT

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2020-12-07 06:35:242dae80e04d518be8a6e1659d53afd6aea2eecc35086db46b4dd0a701a4b6f812exeRaccoonStealer
2020-12-07 06:28:450733d640a833a24e6c37c8085a6e22ba3245eee995c83edf79f20efa327d365aexeRaccoonStealer
2020-11-29 15:20:5403dfaeacfbc330e89f56bc08ca54f2b8071fb7b27043e342b020a1c0e78601b9exeRaccoonStealer
2020-11-29 15:06:2313383a95305773d0defdd99d9d5d555eb72d8bea2265b44f133c56ffbdae2289exe ArkeiStealer
2020-11-18 16:19:18bad1feef0055835db4f894b4885b48d596788458bc9095d4c0af9ec36a97077dexeRaccoonStealer
2020-11-18 16:18:352bea53a14d59fc7d772ea805af47b3b8ddddbf201a7e8d9e7ebd7ca422702a30exeRaccoonStealer
2020-11-10 16:57:5077d3172d77aa45c61b8563dcb13b26bd2f8f9fb4cbc2fcc966966a26f316ba56exeArkeiStealer
2020-11-10 16:54:53b99d5d0e6ebfd38c47b999a704cb2558797ed6b149356075036a0de57fbca261exeAZORult
2020-10-28 18:01:507216531f7bdf08e92cf69d0754b27da97d716c62ec5294fa03ccebb7e652bfdbexeRaccoonStealer
2020-10-28 17:50:0159a7beab1c7583b7995b157e9e87beb6fa0785c49784bf0b9d13bd143a696541exeRaccoonStealer
2020-10-26 17:06:18c9c5b4b76ac69632d5f5931198adb5d21d214c72d8524ffc60d7d6bbcd44cf03exeRaccoonStealer
2020-10-26 16:53:074816da611b72e06e4b9481b729f754b462a268ce32392eb1eab1ee6776c7b7f9exe RaccoonStealer
2020-10-14 06:51:2760152e8f49b376387ea78e05be97894b52c0dc862a9906248b12a441e840ee2dexeRaccoonStealer
2020-10-14 06:44:29c3c2a6747a34c92023bef1d5abc604f697408e60ee64d1155af7a8c62727e894exeRaccoonStealer
2020-10-13 13:13:264be1e912f4b6f65dd938f0a6fa1f1d9b8d4c20fc25ac3c3189e10013c29e4deaexeRaccoonStealer
2020-10-13 13:12:36c686c7b2fff2ad2853c1d450d44fcf96ff3df67f34205b6b4e0352153893c924exeRaccoonStealer
2020-10-10 01:05:12033dd7d02172855d2e61e1dcfae24bdeb9136310503e06bf7079ef78db9422aeexeArkeiStealer
2020-10-10 01:05:08ed9d96725b88ce0a3caee6d98c11369fb84a1d7eca3847db66abe63c49955f73exeRaccoonStealer