URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry


Host: marksidfgs.ug
Abuse complaint sent?: Yes (2024-02-08 04:20:02 UTC to cmusisi{at}uol[dot]co[dot]ug, ksemat{at}eahd[dot]or[dot]ug)
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Blocked
Cloudflare: Blocked
ProtonDNS: Status unknown
OpenBLD: Blocked
DNS4EU: Blocked
Control D HaGeZi: Not blocked
Firstseen: 2021-01-11 15:34:10 UTC
Total malware sites: 18
Online malware sites: 0 (0%)
Offline malware sites: 18 (100%)
A record(s) observed: 104

IP addresses


The table below shows all IP addresses observed for this particular host (in case the host is a domain name, all A records will be listed, including all historical ones). Please note that the output is limited to 10 entries.

| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2023-11-11 00:24:00 | 91.215.85.223 | | SBL615768 | AS200593 PROSPERO-AS | RU | no |
| 2023-05-27 13:23:33 | 94.142.138.213 | | SBL655622 | AS211522 HYPERCORELTD | FI | no |
| 2023-05-03 14:26:23 | 91.215.85.135 | | SBL615768 | AS200593 PROSPERO-AS | RU | no |
| 2023-04-14 23:20:00 | 94.142.138.104 | | SBL655622 | AS211522 HYPERCORELTD | FI | no |
| 2023-03-16 16:48:20 | 91.215.85.173 | | SBL615768 | AS200593 PROSPERO-AS | RU | no |
| 2022-12-18 21:50:15 | 91.215.85.158 | | SBL615768 | AS200593 PROSPERO-AS | RU | no |
| 2022-06-20 06:06:14 | 45.143.201.4 | free.ntup.net | SBL625748 | AS200195 VERASEL | RU | no |
| 2021-10-05 11:38:08 | 194.87.46.42 | | Not listed | AS214822 MTFINANCE-AS | RU | no |
| 2021-06-03 07:03:41 | 45.132.19.2 | ptr.ruvds.com | Not listed | AS48347 MTW-AS | RU | no |
| 2021-05-01 10:31:41 | 194.87.57.103 | | Not listed | AS214822 MTFINANCE-AS | RU | no |

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2024-07-06 05:40:17 | http://marksidfgs.ug/telly.ps1 | Offline | opendir ps1 | NDA0E |
| 2024-07-06 05:35:14 | http://marksidfgs.ug/qwerty.ps1 | Offline | opendir ps1 | NDA0E |
| 2024-07-06 05:31:15 | http://marksidfgs.ug/zxcvb.ps1 | Offline | opendir ps1 | NDA0E |
| 2024-07-06 05:29:52 | http://marksidfgs.ug/zxcv.ps1 | Offline | opendir ps1 | NDA0E |
| 2024-07-06 05:29:29 | http://marksidfgs.ug/ppx.ps1 | Offline | opendir ps1 | NDA0E |
| 2024-07-06 05:26:24 | http://marksidfgs.ug/payload.ps1 | Offline | opendir ps1 | NDA0E |
| 2024-07-06 05:25:45 | http://marksidfgs.ug/pps.ps1 | Offline | opendir ps1 | NDA0E |
| 2024-07-06 05:21:38 | http://marksidfgs.ug/mkv.ps1 | Offline | opendir ps1 | NDA0E |
| 2024-07-06 05:21:22 | http://marksidfgs.ug/native.exe | Offline | exe opendir Rhadamanthys | NDA0E |
| 2024-07-06 05:21:13 | http://marksidfgs.ug/zxcvb.exe | Offline | exe opendir Rhadamanthys | NDA0E |
| 2024-07-06 05:13:54 | http://marksidfgs.ug/qwertyj1.ps1 | Offline | opendir ps1 | NDA0E |
| 2024-07-06 05:12:26 | http://marksidfgs.ug/ali.ps1 | Offline | opendir ps1 | NDA0E |
| 2024-07-06 05:09:51 | http://marksidfgs.ug/asdf.ps1 | Offline | opendir ps1 | NDA0E |
| 2024-03-29 04:12:09 | http://marksidfgs.ug/ghjk.exe | Offline | 32 CoinMiner exe Rhadamanthys | zbetcheckin |
| 2024-02-08 04:17:15 | http://marksidfgs.ug/net.exe | Offline | 32 CoinMiner exe Rhadamanthys | zbetcheckin |
| 2024-02-08 04:17:15 | http://marksidfgs.ug/ghjkl.exe | Offline | 32 CoinMiner exe Rhadamanthys | zbetcheckin |
| 2020-12-11 11:08:04 | http://marksidfgs.ug/asdfg.exe | Offline | ArkeiStealer ext AZORult ext CoinMiner exe RaccoonStealer ext RecordBreaker ext RedLineStealer ext RemcosRAT ext Rhadamanthys Vidar ext zgRAT | zbetcheckin |
| 2019-12-10 07:43:13 | http://marksidfgs.ug/asdf.EXE | Offline | ArkeiStealer ext AZORult ext CoinMiner emotet ext exe GuLoader ext heodo ext KPOTStealer ext ModiLoader ext NetWire ext RaccoonStealer ext RecordBreaker ext RedLineStealer ext RemcosRAT ext Rhadamanth | abuse_ch |

The table below shows recent payloads delivered by this host.
