URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	ring1.ug
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2019-10-18 22:52:02 UTC
Total malware sites :	21
Online malware sites :	0 (0%)
Offline Malware sites :	21 (100%)
A record(s) observed :	9

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2019-11-17 10:44:21	147.139.139.85		Not listed	AS45102 ALIBABA-CN-NET	ID	no
2019-11-14 22:10:39	79.143.31.155	d6w1lsxe5t0l25r2.com	Not listed	AS50340 SELECTEL-MSK	RU	no
2019-11-13 21:05:49	80.249.144.103	dobuvdd3vcmtoppl.com	Not listed	AS49505 SELECTEL	RU	no
2019-11-07 15:22:38	5.53.124.119	003165402.cartaprecatoria.online	Not listed	AS49505 SELECTEL	RU	no
2019-11-01 08:17:47	5.101.51.166	d78rviskh0srcxcz.com	Not listed	AS49505 SELECTEL	RU	no
2019-10-31 09:22:17	47.254.236.255		Not listed	AS45102 ALIBABA-CN-NET	MY	no
2019-10-30 10:08:31	194.67.90.77	194-67-90-77.cloudvps.regruhosting.ru	Not listed	AS197695 AS-REGRU	RU	no
2019-10-29 11:02:29	5.53.124.8	debucksnewlawnsodfarm.com	Not listed	AS49505 SELECTEL	RU	no
2019-10-18 22:52:06	47.74.190.146		Not listed	AS45102 ALIBABA-CN-NET	SG	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2019-11-11 23:31:05	http://ring1.ug/exe/starticon9.exe	Offline	ArkeiStealer exe stop	p5yb34m
2019-11-07 21:48:11	http://ring1.ug/files/cost/updatewin1.exe	Offline	djvu ransom	P3pperP0tts
2019-11-07 21:48:09	http://ring1.ug/files/cost/updatewin2.exe	Offline	djvu ransom	P3pperP0tts
2019-11-07 21:48:08	http://ring1.ug/files/cost/updatewin.exe	Offline	djvu ransom	P3pperP0tts
2019-11-07 21:48:06	http://ring1.ug/files/cost/3.exe	Offline	djvu ransom	P3pperP0tts
2019-11-07 21:48:04	http://ring1.ug/files/cost/4.exe	Offline	djvu ransom	P3pperP0tts
2019-11-06 14:31:06	http://ring1.ug/files/penelop/5.exe	Offline	ArkeiStealer exe	oppimaniac
2019-11-06 13:21:03	http://ring1.ug/exe/starticon11.exe	Offline	ArkeiStealer exe	zbetcheckin
2019-11-06 13:17:09	http://ring1.ug/exe/starticon4.exe	Offline	ArkeiStealer exe	zbetcheckin
2019-11-06 13:17:06	http://ring1.ug/exe/starticon8.exe	Offline	ArkeiStealer exe	zbetcheckin
2019-11-06 13:17:03	http://ring1.ug/exe/starticon10.exe	Offline	ArkeiStealer exe	zbetcheckin
2019-11-06 13:16:06	http://ring1.ug/exe/starticon6.exe	Offline	ArkeiStealer exe	zbetcheckin
2019-11-06 13:12:06	http://ring1.ug/exe/starticon12.exe	Offline	ArkeiStealer exe	zbetcheckin
2019-10-27 20:24:13	http://ring1.ug/exe/starticon3.exe	Offline	exe stop	zbetcheckin
2019-10-27 20:24:08	http://ring1.ug/exe/starticon1.exe	Offline	ArkeiStealer exe	zbetcheckin
2019-10-27 20:20:05	http://ring1.ug/exe/starticon2.exe	Offline	ArkeiStealer exe	zbetcheckin
2019-10-27 20:15:06	http://ring1.ug/files/cost/5.exe	Offline	ArkeiStealer exe	zbetcheckin
2019-10-27 20:11:06	http://ring1.ug/exe/starticon.exe	Offline	ArkeiStealer exe	zbetcheckin
2019-10-18 23:04:06	http://ring1.ug/files/penelop/updatewin.exe	Offline	exe	zbetcheckin
2019-10-18 22:56:07	http://ring1.ug/files/penelop/updatewin1.exe	Offline	exe	zbetcheckin
2019-10-18 22:52:06	http://ring1.ug/files/penelop/updatewin2.exe	Offline	exe	zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2019-11-17 16:32:56	c772d3cc812cd0cd7bb62b002df3be654574098a3ef4683cb5c807bcbbe8b861	exe	ArkeiStealer
2019-11-17 16:32:38	c772d3cc812cd0cd7bb62b002df3be654574098a3ef4683cb5c807bcbbe8b861	exe	ArkeiStealer
2019-11-17 10:44:50	25ae21623bc8f9b7788ac0cad7ff89dea59435e7819144173a61a0561897e42b	exe	ArkeiStealer
2019-11-17 10:44:33	25ae21623bc8f9b7788ac0cad7ff89dea59435e7819144173a61a0561897e42b	exe	ArkeiStealer
2019-11-15 11:06:01	12ec970a6ba2519765a72a3ab4a832290c98ed143cbf26af698db0a93d475f10	exe	ArkeiStealer
2019-11-15 11:03:50	12ec970a6ba2519765a72a3ab4a832290c98ed143cbf26af698db0a93d475f10	exe	ArkeiStealer
2019-11-14 10:13:52	eaff887788222e481f3f1c494a638e60988827a3e665be6ab59daef68843b779	exe	ArkeiStealer
2019-11-14 10:13:28	eaff887788222e481f3f1c494a638e60988827a3e665be6ab59daef68843b779	exe	ArkeiStealer
2019-11-12 11:54:05	18334bf61f0a168c1a7246f188daf650d24b6c53f76db3685cabaf1d106da448	exe	ArkeiStealer
2019-11-12 11:51:49	18334bf61f0a168c1a7246f188daf650d24b6c53f76db3685cabaf1d106da448	exe	ArkeiStealer
2019-11-11 23:31:04	08b6c38e79c9ac0ce7a7fafaaae1334c41d70b860ff2c8eb6b2742c58cdb06b3	exe	ArkeiStealer
2019-11-09 08:46:32	36213f57ceabe23ef76ec56f006c6fc1a1f03a6c94949b0f14b8e6dec26af98b	exe	ArkeiStealer
2019-11-09 08:46:16	36213f57ceabe23ef76ec56f006c6fc1a1f03a6c94949b0f14b8e6dec26af98b	exe	ArkeiStealer
2019-11-06 14:31:06	b00195d06350161758241dd77bbff9c8fd9ae927b1455c9ac31b36df5e3e7ad9	exe	ArkeiStealer
2019-11-06 13:21:03	4598a0c09cb160c295b10c02d3ccfb261cd728b11f4fd1d47db21702100670bd	exe	ArkeiStealer
2019-11-06 13:17:09	02a13ebd9224c7cc323da1cd280ad86b22f2afb8ec46c5de746ce07cd872e65b	exe	ArkeiStealer
2019-11-06 13:17:06	1b359f5e2446a66b1e44143fabdfe23de8c237e93eeae0e973646dd205a645a7	exe	ArkeiStealer
2019-11-06 13:17:03	b3fe4b11600f9d627b6e45a12eaa13759b38ba6be32be53a53660069bb842da3	exe	ArkeiStealer
2019-11-06 13:16:05	3d3df3e7eb70a5b2ec5d8484b65aa13b0bfa15161ad29b1435f17fc7c80cdef9	exe	ArkeiStealer
2019-11-06 13:12:06	7be5dde8b2e9644299e8b9db298c65449d0e6b351377533691c0f1ccc6bab1c4	exe	ArkeiStealer
2019-11-06 07:35:09	b00195d06350161758241dd77bbff9c8fd9ae927b1455c9ac31b36df5e3e7ad9	exe	ArkeiStealer
2019-11-04 11:30:31	7b3eb4e7cad673ac4e9d3894466a15dedd45621d116e0222209b3ab98b6677c3	exe	ArkeiStealer
2019-11-04 11:30:30	62b057020008025fdd1b9d5fe788487ef5c312b8dcae31b8edea1f41882a03f1	exe
2019-11-03 10:40:44	7be5dde8b2e9644299e8b9db298c65449d0e6b351377533691c0f1ccc6bab1c4	exe	ArkeiStealer
2019-11-02 19:41:13	4598a0c09cb160c295b10c02d3ccfb261cd728b11f4fd1d47db21702100670bd	exe	ArkeiStealer
2019-11-02 16:37:25	c84f1d6b8acb9807baf2a16dd480f64b307ade9b57b7a2d387a033e85cf5d83e	exe	ArkeiStealer
2019-11-02 10:55:27	b3fe4b11600f9d627b6e45a12eaa13759b38ba6be32be53a53660069bb842da3	exe	ArkeiStealer
2019-11-01 09:24:32	08b6c38e79c9ac0ce7a7fafaaae1334c41d70b860ff2c8eb6b2742c58cdb06b3	exe	ArkeiStealer
2019-10-31 14:04:35	1b359f5e2446a66b1e44143fabdfe23de8c237e93eeae0e973646dd205a645a7	exe	ArkeiStealer
2019-10-30 16:44:52	e3144bdf5832d4bb313acac8d9f7869995a68ef0bc6818d73d66150eca671655	exe	ArkeiStealer
2019-10-30 13:49:36	c84f1d6b8acb9807baf2a16dd480f64b307ade9b57b7a2d387a033e85cf5d83e	exe	ArkeiStealer
2019-10-30 12:09:31	6c85336356050bf7000958c5f9be85bed2f10d5bbf8d1bb7ed1974fcfc41e9d9	exe	ArkeiStealer
2019-10-29 11:02:29	3d3df3e7eb70a5b2ec5d8484b65aa13b0bfa15161ad29b1435f17fc7c80cdef9	exe	ArkeiStealer
2019-10-28 15:37:12	cc0d8e673a5e37b4ab405225ec313e928a1750622500884dfe0e3642a9a297ac	exe	ArkeiStealer
2019-10-28 11:25:36	f39c954c592021cf567b3bec1793399e80df0cfbf89816772f851c761c2387fb	exe
2019-10-27 20:24:13	7bc2928ce06e7db7bfe0bf3f2c2d2ff9df7f0a8041ea8c593dd0b912c1c3d3fd	exe	Ransomware.Stop
2019-10-27 20:24:08	2e44467717c1b09314bd7193af70683f20b0c5740f45fadbe28d5eff38690cfd	exe	ArkeiStealer
2019-10-27 20:20:05	34745abeba30e12a9dee88bcb7c3c9b119f8c21451a2d8ab2aec298c76b35616	exe	ArkeiStealer
2019-10-27 20:15:06	7baebcacdcb750d2bb2b8e7ccc404e673a63eac7f4eb6bf48c7b787663a1094b	exe	ArkeiStealer
2019-10-27 20:11:05	02a13ebd9224c7cc323da1cd280ad86b22f2afb8ec46c5de746ce07cd872e65b	exe	ArkeiStealer
2019-10-18 23:04:06	114ccacb7ca57c01f3540611fdf49e68416544da8d8077f5896434a4b71b01dd	exe
2019-10-18 22:56:07	14c7bec7369d4175c6d92554b033862b3847ff98a04dfebdf9f5bb30180ed13e	exe
2019-10-18 22:52:05	5caffdc76a562e098c471feaede5693f9ead92d5c6c10fb3951dd1fa6c12d21d	exe