URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	megabyte-xtnegocios.com
Domain registrar:	Namecheap
Domain registration date:	2021-05-25 00:43:34 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-01-18 11:35:03 UTC
Total malware sites :	3
Online malware sites :	0 (0%)
Offline Malware sites :	3 (100%)
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-05-25 14:01:44	99.83.154.118	a51062ecadbb5a26e.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2022-01-18 11:35:05	104.21.74.244		Not listed	AS13335 CLOUDFLARENET	n/a	no
2022-01-18 11:35:05	172.67.207.241		Not listed	AS13335 CLOUDFLARENET	n/a	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-01-21 10:25:09	https://megabyte-xtnegocios.com/ys3v1clw/AKm6Q9/	Offline	dll emotet epoch5 heodo	Cryptolaemus1
2022-01-18 11:35:05	https://megabyte-xtnegocios.com/ys3v1clw/Yin8it...	Offline	emotet epoch4 redir-doc xls	Cryptolaemus1
2022-01-18 11:35:05	https://megabyte-xtnegocios.com/ys3v1clw/Yin8it...	Offline	doc emotet epoch4 heodo SilentBuilder	Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-01-21 17:01:30	e8649b8cff5387b9544f06f05c533db0f53879fce4be293e932d6f0542ffb6c3	dll		Heodo
2022-01-21 16:43:04	0a584128aaaeb8bdeb0a1ebfcb200a8a3fa6687874e9a6e64db9a3d432b5376a	dll		Heodo
2022-01-21 16:27:57	9c4d3b7f76e9b0496f5f176c44f71ebfb68ab99eb29ded16131d3f9109f953cb	dll		Heodo
2022-01-21 16:17:56	c49375c645715fe47dd033d217aaef0dc1bdd4a496ebabc7bb194f441587cbf0	dll		Heodo
2022-01-21 16:01:13	a1cdcc6b7cc0d09f4fa4fcb745c709bd9caf92a13a59fc0f6acb8c3a7ab14bbf	dll		Heodo
2022-01-21 15:46:58	e705fe3466c9fa1223853491634a61e2f85ba9c2449bd8877bc16dc10e83ca3e	dll		Heodo
2022-01-21 15:20:34	4cc0bdeaf766d39f1ff4f721368cbf1ae089cca9c01e147844008f8b40cadaba	dll		Heodo
2022-01-21 15:13:01	480bdd6c20ec41a73f9e4327d6f2f5abddcf5acec88fa1bbe205368134b05b6d	dll		Heodo
2022-01-21 14:52:30	074d50bba6be32d71973718b27adbfc112eafb01088d54181c8fdaff78b9d17d	dll		Heodo
2022-01-21 14:33:35	28ad85cc01e07342d258c7f610c45e23c6d32cd0b216bf28a2c37d499bc4b9f6	dll		Heodo
2022-01-21 14:21:11	d6b3da3748926e5c593a1db38b066e4cd1cf9cd164f48a498be151746cbebaa7	dll		Heodo
2022-01-21 14:07:04	a18c4fa356c2d5d98332fc9ea45f576a87f8bb02b652cd1c3928da38d41b8d64	dll		Heodo
2022-01-21 13:47:21	b5ec8e2b96dbc04df7f30236b8ce381776a866527da26075e4b746c1923fc7ac	dll		Heodo
2022-01-21 13:35:17	1552c734612be959602a1947109f49e243081cdc529981285eab9440a4ed0aa0	dll		Heodo
2022-01-21 13:06:26	7943ddb412f53a10598523eaf7cd54a06f97519db0ddbcb28ddcebe0b87680bd	dll		Heodo
2022-01-21 13:00:27	77fee0ccbe80ae203007b028c778594eb581ec84e6f354fe56657016806e9ae1	dll		Heodo
2022-01-21 12:39:53	82d0f00320bfa2727f9e2719f24e5442d68a9678182fa04b469ad799714b27ea	dll		Heodo
2022-01-21 12:28:42	face5ac08365ec937133e9de9f55750376d678202b31fcfce374eba7e60119e4	dll		Heodo
2022-01-21 12:06:13	96e856dd88c3ab4e836cf90ded99d69c0b5c6b2feb85e8e5d50a0f1d3cbb8348	dll		Heodo
2022-01-21 11:55:46	50a06c01443f351063fed9b371b5b4017864d47ae7253c084a42c357c7431648	dll		Heodo
2022-01-21 11:37:56	989822a6da3559c42c3dc1ed2195aa07d07cafc4dcc1e4dbceff2306cacd1587	dll		Heodo
2022-01-21 11:17:47	ec2343285a8e12a63e4af4cd102b29df3b8badc1d1ab28eaf8dc2ea26de91c03	dll		Heodo
2022-01-21 10:59:05	30f38cf46f48b3f53902820631aec64188c02f44d7f3c5a33d0c6172419443b9	dll		Heodo
2022-01-21 10:48:32	f6267d38c7edf1eb9a99371d3b7c84f937dc17a048050f4c1a81b572ae8bc83b	dll		Heodo
2022-01-21 10:32:32	991505e7fb6acf9f3fa8a3bcbea2c151c8d596c4b5d019a0ff7946187e87724e	dll		Heodo
2022-01-21 10:25:09	f2081354af1e3d3f08c15259bac7a629a579fd2ec08b0e24a9a1ddb5e7c14324	dll		Heodo
2022-01-18 14:24:18	b9810a3ef7017dc112cfcc5135ce71644e58ec3b5dbd596f2110d2dfb339502e	xls		Heodo
2022-01-18 14:14:30	4b5e1f6a6cc6ea2d649a5e3cc210effc33b1804e7a4931d4b0696af2ff98db29	xls		Heodo
2022-01-18 14:02:29	7f8c95e3849529c50f1972686ebd92fbc0223cbd1df540b3f68ed40894ecaaf9	xls		Heodo
2022-01-18 13:48:50	8808bca9d3fe1c1b081455e20513352831ddfbe9b65a42171b8754c2d8931e97	xls		Heodo
2022-01-18 13:29:59	895e52ebe7c38eec3e599f404e671b1821baab608ba0050d1883f77fc229cc69	xls		Heodo
2022-01-18 13:18:06	e5f7c1f04f9057742b40ff1383040d2326c9cb981cdeb9ccebec4c9467fdece2	xls		Heodo
2022-01-18 13:03:44	101b1f39ef9ce95753101c8136cc17b7f2c9cddcfc535b86b5db4170d1557036	xls		Heodo
2022-01-18 12:50:22	94214a74bb0158fd575aef28c69f335fd6c001fc1d1e015437e278387ef5470d	xls		SilentBuilder
2022-01-18 12:42:43	ae53d5b866d7e49a50c7620025cf11206801dc9d981011954214750e10867083	xls		SilentBuilder
2022-01-18 12:26:19	cef1611e425ccba10f308525ec2de771c18c7aac31a584676ad804905bacebdd	xls		Heodo
2022-01-18 12:16:14	21750a942c925484d6e4e5fa44b8e8d795dcda94557066150d3f6a03e567d98e	xls		Heodo
2022-01-18 11:58:26	a58631457908cd701a6f63570e99aff8a1eaf4e7b164d087ee2b195681ededfe	xls		Heodo
2022-01-18 11:44:12	14584a4907e1d5ffe9c5af416ba27019f14c9e19cc678b988b940a8f644e5f76	xls		Heodo
2022-01-18 11:35:05	ec6598c3ce18e5a26c6455730f05ad506f69950eb70e28f35b212b60cf071f6c	xls		SilentBuilder
2022-01-18 11:35:04	c802b9bdc915013433f691e127e9c9481f6694fb6ad39e215f239f4452d8dc6a	html