URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	marksidfg.ug
Abuse complaint sent?:	Yes (2024-02-08 05:45:02 UTC to cmusisi{at}uol[dot]co[dot]ug,ksemat{at}eahd[dot]or[dot]ug)
Spamhaus DBL :	Not blocked
SURBL :	Blocked
Quad9 :	Status unknown
AdGuard :	Blocked
Cloudflare :	Blocked
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2019-08-23 05:58:02 UTC
Total malware sites :	18
Online malware sites :	0 (0%)
Offline Malware sites :	18 (100%)
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	SBL	ASN	Country	Active?
2024-02-08 05:43:08	91.215.85.223	SBL615768	AS200593 PROSPERO-AS	RU	no
2019-08-25 13:36:07	47.254.173.118	Not listed	AS45102 ALIBABA-CN-NET	DE	no
2019-08-23 05:58:04	5.53.124.65	Not listed	AS49505 SELECTEL	RU	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-07-06 05:42:56	http://marksidfg.ug/zxcv.ps1	Offline	opendir ps1	NDA0E
2024-07-06 05:38:20	http://marksidfg.ug/ghjk.exe	Offline	exe opendir Rhadamanthys	NDA0E
2024-07-06 05:36:40	http://marksidfg.ug/ali.ps1	Offline	opendir ps1	NDA0E
2024-07-06 05:35:50	http://marksidfg.ug/zxcvb.exe	Offline	exe opendir Rhadamanthys	NDA0E
2024-07-06 05:32:47	http://marksidfg.ug/qwertyj1.ps1	Offline	opendir ps1	NDA0E
2024-07-06 05:27:19	http://marksidfg.ug/zxcvb.ps1	Offline	opendir ps1	NDA0E
2024-07-06 05:26:53	http://marksidfg.ug/pps.ps1	Offline	opendir ps1	NDA0E
2024-07-06 05:20:34	http://marksidfg.ug/mkv.ps1	Offline	opendir ps1	NDA0E
2024-07-06 05:20:20	http://marksidfg.ug/asdf.ps1	Offline	opendir ps1	NDA0E
2024-07-06 05:14:53	http://marksidfg.ug/ppx.ps1	Offline	opendir ps1	NDA0E
2024-07-06 05:09:20	http://marksidfg.ug/qwerty.ps1	Offline	opendir ps1	NDA0E
2024-07-06 05:04:51	http://marksidfg.ug/telly.ps1	Offline	opendir ps1	NDA0E
2024-07-06 05:03:50	http://marksidfg.ug/payload.ps1	Offline	opendir ps1	NDA0E
2024-03-29 04:48:12	http://marksidfg.ug/asdfg.exe	Offline	32 CoinMiner exe	zbetcheckin
2024-02-08 05:47:07	http://marksidfg.ug/ghjkl.exe	Offline	32 CoinMiner exe Rhadamanthys	zbetcheckin
2024-02-08 05:47:06	http://marksidfg.ug/native.exe	Offline	32 CoinMiner exe Rhadamanthys	zbetcheckin
2024-02-08 05:43:08	http://marksidfg.ug/net.exe	Offline	32 CoinMiner exe Rhadamanthys	zbetcheckin
2019-08-23 05:58:04	http://marksidfg.ug/asdf.EXE	Offline	exe NetWire	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2024-07-08 13:53:25	33682e861b76b0ae22b7361f5b59bb7e69b95e69480156714f01e7044408b546	exe	Rhadamanthys
2024-07-08 10:06:36	33682e861b76b0ae22b7361f5b59bb7e69b95e69480156714f01e7044408b546	exe	Rhadamanthys
2024-07-06 05:38:19	7ccfae8644c3bc7439b88f2dc0de06bb5082de09b0bf5e143de17487ff252224	exe	Rhadamanthys
2024-07-06 05:35:42	7ccfae8644c3bc7439b88f2dc0de06bb5082de09b0bf5e143de17487ff252224	exe	Rhadamanthys
2024-04-18 04:20:24	990729e49f2f32dc37828ff777f683069c6c4cd01a5886d88937812707965360	exe
2024-04-18 02:09:08	b8f57f7844ef8ff3020bf9ab57902ec1dc59903fb923d5c497b89441b541eb43	exe
2024-03-29 04:48:12	432747c04ab478a654328867d7ca806b52fedf1572c74712fa8b7c0edb71df67	exe	CoinMiner
2024-03-27 14:20:01	432747c04ab478a654328867d7ca806b52fedf1572c74712fa8b7c0edb71df67	exe	CoinMiner
2024-03-27 14:09:18	432747c04ab478a654328867d7ca806b52fedf1572c74712fa8b7c0edb71df67	exe	CoinMiner
2024-03-27 13:57:58	432747c04ab478a654328867d7ca806b52fedf1572c74712fa8b7c0edb71df67	exe	CoinMiner
2024-03-18 14:10:42	86de1935c1495889fa1e035d853d736ea382768e9aa648d24d7d622e2736e2fc	exe
2024-03-18 01:01:28	6ffccb44197ee59565dda13d9f02663ea5518fd6801c8b4613debefe77d7bbe9	exe
2024-03-18 00:16:47	b453521f6646b621bf11c56988ef9b5f1a787333b05beb8aa3a330c2a8dec603	exe
2024-03-17 14:55:33	b15d823b55950a716641c51f939accf3306143fb1f8c3c0e19499aba738966b7	exe
2024-03-17 09:24:20	e6d98cb77906d6d5d2e07ab46c3cfc87883288293b76dc83b50e55222fa29d42	exe
2024-03-16 12:45:50	8517fead203e3801181113434387c1093506cab704e6437de530e138511b1632	exe
2024-03-16 06:27:22	521488cfbab3f2ca3be614ae8ce9c498aa477ec7a9c2956b8ffe3db9c195f863	exe
2024-03-15 09:44:49	4b23349e42c686540f291e573c6d346b143cdc35b7c00ec7f0d080192a227a77	exe
2024-03-15 06:21:08	3b29ec5469ace2566f6d3b8de16c38b95c513b50b1f57c663986d5336e7d1249	exe
2024-02-08 05:47:06	217fbf967c95d1359314fcd53ae8d04489eb3c7bdc1f22110d5a8a476d1fc92e	exe	Rhadamanthys
2024-02-08 05:47:06	217fbf967c95d1359314fcd53ae8d04489eb3c7bdc1f22110d5a8a476d1fc92e	exe	Rhadamanthys
2024-02-08 05:43:08	217fbf967c95d1359314fcd53ae8d04489eb3c7bdc1f22110d5a8a476d1fc92e	exe	Rhadamanthys
2019-08-25 13:36:04	64bcbfc4dace96056134fdc860e16ac6a24134917d65f13b657de35220a26eaa	exe	NetWire
2019-08-24 13:28:21	1a1ecac0e6636513de4748f850284d21e229e3e81ecfb8dfafe8045378bf0fe7	exe
2019-08-23 08:25:29	3921b96d47589d694bdc9ba89e9c119cdd816c83e25bd7bda39cf3ce8aff169e	exe
2019-08-23 05:58:03	b69bf142e91b141de463f024a9686d5d40dc6058d37f00781503b6dc4fddedc0	exe	NetWire