URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-10-29 18:29:45	74.119.239.234		Not listed	AS46606 UNIFIEDLAYER-AS-1	US	no
2021-08-22 08:10:48	174.138.160.44	customer2.chartspassingnews.com	Not listed	AS20454 SSASN2	US	no
2021-01-25 16:01:12	23.29.122.195	23-29-122-195.static.hvvc.us	Not listed	AS29802 HVC-AS	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-01-25 16:01:12	http://moonmachineries.com/nt2puugt5.rar	Offline	dll Dridex	JAMESWT_MHT

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2021-01-26 11:48:41	3492d7a110e1745ed6c308da51de7b141e800febd2f62cf8d2797bffa694665b	dll		Dridex
2021-01-26 05:56:37	fd29c15fbb12fd87ee00ebd1d364d2646318455bac92fab9adfe97bbad56ee96	dll		Dridex
2021-01-25 21:07:05	52f4d215815d5402cbbf1e634abf6f4cba3c1a9ff89b7a371026e3a076124472	dll
2021-01-25 19:50:59	08dc50b1f071f90f95ed871e4ee80d951b25f5e82b91d920155c6de99eadde9b	dll		Dridex
2021-01-25 18:35:31	f57a01fea13d7ee1936bb8f41d8d168803820787f558aa488b94b15a8563277b	dll		Dridex
2021-01-25 17:44:48	9f1cb8711a3b8832e5850aaef4df3081ba1c7d917acf800976d6a874cb74b26f	dll		Dridex
2021-01-25 16:38:06	8cf135b18385d551974bd154f551c480826168f358a3bf193af14ed514901411	dll		Dridex
2021-01-25 16:15:32	2749f92ccbfd6ee510d6174185e05c01a2fb1e6e7bb1a73ba243f544994793d1	dll		Dridex
2021-01-25 16:01:12	cca9aed96290ad88de6eb83b53880e9b5ba6b6b42485b05a99aaf2c4dfce78e9	dll		Dridex