URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: paldo.ac.ug
Abuse complaint sent?: Yes (2022-11-26 16:45:02 UTC to cmusisi{at}uol[dot]co[dot]ug,ksemat{at}eahd[dot]or[dot]ug)
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Blocked
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Control D HaGeZi :Not blocked
Firstseen:2022-11-26 16:41:08 UTC
Total malware sites :4
Online malware sites :0 (0%)
Offline Malware sites :4 (100%)
A record(s) observed :1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2022-11-26 16:41:10http://paldo.ac.ug/ccc.exeOfflineexe abuse_ch
2022-11-26 16:41:10http://paldo.ac.ug/azna.exeOfflineAZORult ext exe abuse_ch
2022-11-26 16:41:10http://paldo.ac.ug/rc.exeOfflineexe RemcosRAT ext abuse_ch
2022-11-26 16:41:10http://paldo.ac.ug/pm.exeOfflineAsyncRAT ext exe abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2022-12-06 09:52:10819dd31283a97f7522b876a717c2076bd1a2cc433ab786f55d9f2466c8b54d4aexe  
2022-11-26 16:41:10e555fe3baa7d282f00cdaccf6ce2820d9fdc6556f8f24d69971c30bf06bd3812exeAZORult
2022-11-26 16:41:10f2643b4686b59c10dd7e51a8482f5515f15ab47eb81b6d8674b135c7ea266d24exeRemcosRAT
2022-11-26 16:41:10963f054c289e0855e2d119fa2e290bcc3a1d7787c60ed226fb6512b52b3750c5exeAsyncRAT
2022-11-26 16:41:090bfbec3b2b790a7d3096c8fa37299a18f8be2abe7c39154a9cca066329984b26exe