URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	smtp.qwertzx.ru
Domain registrar:	REG.RU
Domain registration date:	2022-04-11 09:15:27 UTC
Spamhaus DBL :	Not blocked
SURBL :	Blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2024-02-08 07:18:04 UTC
Total malware sites :	4
Online malware sites :	0 (0%)
Offline Malware sites :	4 (100%)
A record(s) observed :	144

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-06-20 08:59:18	31.177.76.32		Not listed	AS48287 RU-CENTER	RU	no
2025-06-20 08:59:18	31.177.80.32		Not listed	AS48287 RU-CENTER	RU	no
2024-04-24 22:41:17	194.67.71.167		Not listed	AS197695 AS-REGRU	RU	no
2024-04-12 01:54:52	194.67.71.172		Not listed	AS197695 AS-REGRU	RU	no
2024-04-26 09:27:55	194.67.71.154		Not listed	AS197695 AS-REGRU	RU	no
2024-04-21 11:09:42	194.67.71.113		Not listed	AS197695 AS-REGRU	RU	no
2024-04-29 20:08:18	194.67.71.178		Not listed	AS197695 AS-REGRU	RU	no
2024-04-24 09:34:06	194.67.71.140		Not listed	AS197695 AS-REGRU	RU	no
2024-04-26 02:18:32	194.67.71.171		Not listed	AS197695 AS-REGRU	RU	no
2024-04-18 11:22:42	194.67.71.137		Not listed	AS197695 AS-REGRU	RU	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-02-08 08:06:12	http://smtp.qwertzx.ru/native.exe	Offline	32 CoinMiner exe Rhadamanthys	zbetcheckin
2024-02-08 08:06:10	http://smtp.qwertzx.ru/ghjk.exe	Offline	32 CoinMiner exe Rhadamanthys	zbetcheckin
2024-02-08 08:06:05	http://smtp.qwertzx.ru/asdf.EXE	Offline	32 CoinMiner exe Rhadamanthys	zbetcheckin
2024-02-08 07:18:09	http://smtp.qwertzx.ru/asdfg.exe	Offline	32 CoinMiner exe Rhadamanthys	zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2024-04-07 08:03:17	37423f57b1bd00b5ab8f21f679f35738dc066a37817804de9a362a142b3d5cde	exe
2024-03-27 14:26:41	432747c04ab478a654328867d7ca806b52fedf1572c74712fa8b7c0edb71df67	exe		CoinMiner
2024-03-27 14:11:40	432747c04ab478a654328867d7ca806b52fedf1572c74712fa8b7c0edb71df67	exe		CoinMiner
2024-03-27 14:08:14	432747c04ab478a654328867d7ca806b52fedf1572c74712fa8b7c0edb71df67	exe		CoinMiner
2024-03-27 13:56:02	432747c04ab478a654328867d7ca806b52fedf1572c74712fa8b7c0edb71df67	exe		CoinMiner
2024-03-20 06:15:28	cd9709a47f998a7dac16552b9af6c728c4d14dc6d174689cdd839bf67038028d	exe
2024-03-20 06:10:20	9b673d85e3eee6a10658e102741afe6331c9b57ad99348d4db73eee136491ec0	exe
2024-03-20 05:24:34	dcbf84dfaa590c23b90d201574c9dc4ca96f73a6bf01f0db3f784bd3618848ae	exe
2024-03-20 04:44:06	88d636d07935a0f7d25494f4482eee14a25b4bfbcc319612f2e9aa594e978ee8	exe
2024-03-20 04:20:15	f6151286d2bdf8b0d2d5582e13bffb92d7e107d2c64df236eb6130409739e473	exe
2024-03-20 04:14:49	4586685a23da8211949d21b632a73267d7cb082f8fec37ccc49c50604c3b374c	exe
2024-03-20 03:20:05	0097cec808870ae6bcd3bf26e0c0e7cee83fc31af243cfc29f831af447907d25	exe
2024-03-20 01:15:09	8a5d02379fe562c2d254c8ed504fb46434601446b2ef4b925b9e78efb7a0c8ec	exe
2024-03-19 14:13:04	d40bea48cb4a948e586a6fcaede6ba5cadc0197f33e123a7f0587453e436a649	exe
2024-03-19 14:12:11	6052a9c21fcfe7fa112634a5fb6139f2fa6c2a8345068cc5825a234424741da2	exe
2024-03-19 09:31:20	0a1a0e6eb4e5f028310ed9f4f6c706455572d5b53fbb5d4f8910252928105c05	exe
2024-03-19 06:52:54	384f158c6986e43d7014de8840f9e006894a257d44dd5111278f758f0e3a3ea4	exe
2024-03-19 00:28:48	677a935290780cc33cbe4fe3ca33028f0637a732feb705c593bb767619b44fe5	exe
2024-03-18 12:20:23	4dc4a5731364b47800189b82f0fe51fa1bda5ea828af59b57f22c88b7b13894e	exe
2024-03-18 06:29:51	b453521f6646b621bf11c56988ef9b5f1a787333b05beb8aa3a330c2a8dec603	exe
2024-03-18 04:27:21	aae346a5c9c9ffb7aae74d5bd26f8da4d08ea4d0a95ee5705db9d7d83aaffc8d	exe
2024-03-18 01:32:50	9320d7bb6dc2ebd7f0c9b73d56e6f533020685144346bdde3151082f4d583f35	exe
2024-03-18 00:18:52	53995490e636a8b3fde7f36482493dbe2a54038a281d72d28c4b18d128d030f1	exe
2024-03-17 19:05:15	17ac7627a6cd41de13d1b78345f3dd3b4a48adb7274800803a63a4e08d15d07c	exe
2024-03-17 16:43:15	adfbb1a99f6c27d24943540fac36fecd417ead479ba434c2cdab8d5bbd9ecf0d	exe
2024-03-17 16:28:25	4dc4a5731364b47800189b82f0fe51fa1bda5ea828af59b57f22c88b7b13894e	exe
2024-03-17 13:21:15	cc3297c939da3378fb8685a4403aa052c582ab0b72bc175bb7f34d55efa0844a	exe
2024-03-17 12:06:02	4dc4a5731364b47800189b82f0fe51fa1bda5ea828af59b57f22c88b7b13894e	exe
2024-03-17 03:54:32	8517fead203e3801181113434387c1093506cab704e6437de530e138511b1632	exe
2024-03-16 15:41:52	5fe454438ae1c33f24534030d9a2518d1f5eec40fe831ee4aa39c0188d98eaa4	exe
2024-03-16 11:22:25	97649a7389fca455f24640bb714f824f8ccefb1fe8666dc017b6c93478a4ed1a	exe
2024-03-16 05:45:26	abfff4c2953d4621f9724d1d73e3cf1909cf625ab00013d5e155143fcc7969ed	exe
2024-03-16 01:11:27	6cf71c4072b6880d1b9ea23dbeeff785f21e29eb3ef7184b4a3c0e2218795c96	exe
2024-03-15 12:43:02	fddd611c676c2a28c7968cb96c141fdadef8e7df6970d2fec066050089195b6c	exe
2024-03-15 12:02:39	b5d4272b432044d058ad4eccff0e838e8d63986077640003bef3f84af71afc3d	exe
2024-03-15 01:05:35	650f0248f6b9b3287e7bca580b50e435652ce809a59cd889596188e31711cbde	exe
2024-03-14 17:10:16	b15d823b55950a716641c51f939accf3306143fb1f8c3c0e19499aba738966b7	exe
2024-03-14 14:16:45	13e72ecb16c10956fb9de212d482ae342f7f1d16c0c9b30c630e656bdf048791	exe
2024-03-11 01:07:52	8dcb834fb265f9973a39b8438f84202d0ea013071d53991010fd3bd54e7494fd	exe
2024-02-08 08:31:07	217fbf967c95d1359314fcd53ae8d04489eb3c7bdc1f22110d5a8a476d1fc92e	exe		Rhadamanthys
2024-02-08 08:06:12	217fbf967c95d1359314fcd53ae8d04489eb3c7bdc1f22110d5a8a476d1fc92e	exe		Rhadamanthys
2024-02-08 08:06:10	217fbf967c95d1359314fcd53ae8d04489eb3c7bdc1f22110d5a8a476d1fc92e	exe		Rhadamanthys
2024-02-08 07:18:09	217fbf967c95d1359314fcd53ae8d04489eb3c7bdc1f22110d5a8a476d1fc92e	exe		Rhadamanthys