URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	partaususd.ru
Domain registrar:	RU-CENTER
Domain registration date:	2024-06-19 00:16:25 UTC
Spamhaus DBL :	Not blocked
SURBL :	Blocked
Quad9 :	Status unknown
AdGuard :	Status unknown
Cloudflare :	Blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2019-08-31 08:42:02 UTC
Total malware sites :	18
Online malware sites :	0 (0%)
Offline Malware sites :	18 (100%)
A record(s) observed :	14

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-06-20 01:45:28	31.177.76.32		Not listed	AS48287 RU-CENTER	RU	no
2025-06-20 01:45:28	31.177.80.32		Not listed	AS48287 RU-CENTER	RU	no
2024-07-06 05:03:44	91.215.85.223		SBL615768	AS200593 PROSPERO-AS	RU	no
2019-09-29 08:49:34	129.226.61.210		Not listed	AS132203 TENCENT-NET-AP-CN	HK	no
2019-09-29 07:50:25	161.117.202.159		Not listed	AS45102 ALIBABA-CN-NET	SG	no
2019-09-27 06:51:16	8.208.76.142		Not listed	AS45102 ALIBABA-CN-NET	GB	no
2019-09-25 04:38:15	47.90.242.80		Not listed	AS45102 ALIBABA-CN-NET	US	no
2019-09-23 07:51:56	47.254.192.98		Not listed	AS45102 ALIBABA-CN-NET	MY	no
2019-09-19 10:21:22	47.252.11.188		Not listed	AS45102 ALIBABA-CN-NET	US	no
2019-09-16 12:31:35	8.209.73.93		Not listed	AS45102 ALIBABA-CN-NET	DE	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-07-06 05:42:09	http://partaususd.ru/pps.ps1	Offline	opendir ps1	NDA0E
2024-07-06 05:40:17	http://partaususd.ru/ghjk.exe	Offline	exe opendir Rhadamanthys	NDA0E
2024-07-06 05:34:31	http://partaususd.ru/asdf.ps1	Offline	opendir ps1	NDA0E
2024-07-06 05:32:39	http://partaususd.ru/mkv.ps1	Offline	opendir ps1	NDA0E
2024-07-06 05:31:12	http://partaususd.ru/payload.ps1	Offline	opendir ps1	NDA0E
2024-07-06 05:30:50	http://partaususd.ru/ali.ps1	Offline	opendir ps1	NDA0E
2024-07-06 05:27:54	http://partaususd.ru/zxcv.ps1	Offline	opendir ps1	NDA0E
2024-07-06 05:26:04	http://partaususd.ru/telly.ps1	Offline	opendir ps1	NDA0E
2024-07-06 05:25:17	http://partaususd.ru/net.exe	Offline	exe opendir Rhadamanthys	NDA0E
2024-07-06 05:22:15	http://partaususd.ru/zxcvb.ps1	Offline	opendir ps1	NDA0E
2024-07-06 05:17:47	http://partaususd.ru/ppx.ps1	Offline	opendir ps1	NDA0E
2024-07-06 05:16:37	http://partaususd.ru/qwerty.ps1	Offline	opendir ps1	NDA0E
2024-07-06 05:13:34	http://partaususd.ru/ghjkl.exe	Offline	exe opendir Rhadamanthys	NDA0E
2024-07-06 05:13:15	http://partaususd.ru/native.exe	Offline	exe opendir Rhadamanthys	NDA0E
2024-07-06 05:12:03	http://partaususd.ru/asdfg.exe	Offline	exe opendir Rhadamanthys	NDA0E
2024-07-06 05:06:44	http://partaususd.ru/zxcvb.exe	Offline	exe opendir Rhadamanthys	NDA0E
2024-07-06 05:03:45	http://partaususd.ru/qwertyj1.ps1	Offline	opendir ps1	NDA0E
2019-08-31 08:42:02	http://partaususd.ru/asdf.EXE	Offline	AZORult exe NetWire	zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2024-07-08 10:41:12	33682e861b76b0ae22b7361f5b59bb7e69b95e69480156714f01e7044408b546	exe		Rhadamanthys
2024-07-08 10:19:03	33682e861b76b0ae22b7361f5b59bb7e69b95e69480156714f01e7044408b546	exe		Rhadamanthys
2024-07-08 10:07:49	33682e861b76b0ae22b7361f5b59bb7e69b95e69480156714f01e7044408b546	exe		Rhadamanthys
2024-07-08 10:02:25	33682e861b76b0ae22b7361f5b59bb7e69b95e69480156714f01e7044408b546	exe		Rhadamanthys
2024-07-08 09:43:58	33682e861b76b0ae22b7361f5b59bb7e69b95e69480156714f01e7044408b546	exe		Rhadamanthys
2024-07-08 09:21:37	33682e861b76b0ae22b7361f5b59bb7e69b95e69480156714f01e7044408b546	exe		Rhadamanthys
2024-07-06 05:40:17	7ccfae8644c3bc7439b88f2dc0de06bb5082de09b0bf5e143de17487ff252224	exe		Rhadamanthys
2024-07-06 05:25:16	7ccfae8644c3bc7439b88f2dc0de06bb5082de09b0bf5e143de17487ff252224	exe		Rhadamanthys
2024-07-06 05:13:34	7ccfae8644c3bc7439b88f2dc0de06bb5082de09b0bf5e143de17487ff252224	exe		Rhadamanthys
2024-07-06 05:13:15	7ccfae8644c3bc7439b88f2dc0de06bb5082de09b0bf5e143de17487ff252224	exe		Rhadamanthys
2024-07-06 05:12:02	7ccfae8644c3bc7439b88f2dc0de06bb5082de09b0bf5e143de17487ff252224	exe		Rhadamanthys
2024-07-06 05:06:43	7ccfae8644c3bc7439b88f2dc0de06bb5082de09b0bf5e143de17487ff252224	exe		Rhadamanthys
2019-10-07 18:27:55	c323b1c61fce054bc6b51f5a0b018e9e75163398a430c77829053c874e99070e	exe		NetWire
2019-10-06 15:35:32	d5074ebcb09f4cfd113c54f2001c211faf612763de97b064d935af12f9694038	exe		NetWire
2019-10-05 17:38:17	1a8905a7540970f2217360a38d9c02231bd8a3a7dd04ce0d5592d8f74f9e69bc	exe
2019-10-04 12:54:14	9491b6245a6dcb2bafb479f37f5b152e938951e876ae64165d6be864a4ddeec4	exe
2019-10-03 14:55:58	87d85f037a335c6ae7e2c6f5126292d589e7f435bf498ccb7ff6d0eb3e2891e0	exe		NetWire
2019-10-02 13:05:32	25ea02d374261d3bfa43c9c9e870b6369416977380c57c31e182c90cf10d27cb	exe		NetWire
2019-10-01 11:59:38	59a0db1a1962d4ac19733cb6b09db9c3a466af9f8784c23dcf9c9fb2e56764e3	exe		NetWire
2019-09-30 15:44:30	e91a6a2cf1bbd90ce801051ad2c3cdb8b3d7a30e3156eb4d4040ef461c475557	exe
2019-09-29 15:17:25	dfcde8a83cd63668a06e61c8662fd7a5616620b26e73f3066c43ff1198f173bf	exe		AZORult
2019-09-28 18:17:55	5ef3e6cd6a36e404358d05f2466e181216865db67d26e46a59925ba422ab8a99	exe		NetWire
2019-09-27 14:58:05	fba0aa7a56e03b0fcdbe81e75bb30f4cbc9c0e2793ceca25fdd76c9195d44115	exe		NetWire
2019-09-26 15:06:27	6ecc9c565124a0a10d48e9a162bc3b017f102d7bd6223d2cea727808335acaa7	exe		NetWire
2019-09-25 14:14:34	a2991511c140466a2e43899f3a0f4f75a3578a80b2959fd05048b47cfd359fe5	exe		NetWire
2019-09-24 15:46:25	21b295fe8632d5e1a7b06e7f7b5384b5eb4403f3d4887f1740e0fb7773f3c32d	exe		NetWire
2019-09-23 14:11:12	8c2607698ca26d631a02e9f59d6819986b860d76a7f9e178f20d8cac7b4fc1da	exe		NetWire
2019-09-22 14:44:12	0ce1ee263c3d1ecd89fd1a912dab98764d03fc34f1d887905948a72cd5f1b336	exe
2019-09-21 12:19:08	1b3eed52e35e2068200ccc21984db3dd5ca23eea63544194090715ac9a981bb5	exe		NetWire
2019-09-20 15:01:21	759b51159d85f303d969edaa08203853feb307e9f5d86b69e1efa567dffeeb13	exe		NetWire
2019-09-19 15:38:25	51ef54af1060bc0e421dc2c38050efed96d7c3feb14c0dfa1b35002ac076241f	exe		NetWire
2019-09-18 13:14:14	a36c7846f0e27dee5a53d53ff24132eb81c5e1f8ad437bc8685374118183e636	exe		NetWire
2019-09-17 19:03:22	50197fb4a7760a5e73a30457618f88543670607e2c8bf2fad1a10f41fff50544	exe		NetWire
2019-09-16 16:37:17	ca45ecfadb7558e2fd1971d274c0d707de272cc97b4a383e21929814f650b10e	exe		NetWire
2019-09-14 16:42:51	d02618502b33bdb86a73cd33d2f4b8144620fcb87fdffefbd2c107aaa2f76353	exe
2019-09-13 15:16:44	e4d258b78adbe54bf2bf0e4a9f7192c8ecc3813888f760560e28a7d44e59797e	exe		AZORult
2019-09-12 14:23:45	78bb9983865b827d71d93c403facf3328d2a440ccf3998eac7a949862eeb426d	exe		NetWire
2019-09-11 17:32:24	dbf842f60b42c9adaddabd1088d01965cf06dc8df6744197b8ed4acdb56502eb	exe		AZORult
2019-09-10 18:00:32	1f0b7d79bb14a7e6bb8d939e6a3f38ddbd3ef2c0446b0b69369eb39a52c2cf9d	exe
2019-09-09 18:09:23	c44080672d66b21a6a11d56b4ba7b38f44fc9fd366d8a3a4e40c374592a678f0	exe
2019-09-09 10:31:20	4ceb34780302570bf05dfcf5afda959a78f712ef44c4dbd611b009cbef983fb2	exe