URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	sowork.duckdns.org
Domain registrar:	Gandi
Domain registration date:	2013-04-12 19:58:56 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2021-09-06 16:47:03 UTC
Total malware sites :	2
Online malware sites :	0 (0%)
Offline Malware sites :	2 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2021-09-06 16:47:06	23.146.242.85		SBL679712	AS46664 VDI-NETWORK	US	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2021-09-06 17:05:05	http://sowork.duckdns.org/11d/solex.exe	Offline	32 exe Formbook GuLoader RaccoonStealer RemcosRAT	zbetcheckin
2021-09-06 16:47:06	http://sowork.duckdns.org/11d/dyno.exe	Offline	32 exe GuLoader RaccoonStealer RemcosRAT	zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2021-11-22 09:12:21	b5094678f221d1951715b487ba099a98d9d0007c79853600d81898f8d25f8233	exe		RaccoonStealer
2021-10-11 08:27:27	099e02bedaed90dc85dfaab83e2bc65fc45cf9f1c53298fa3415d1c7e3b057c7	exe		RaccoonStealer
2021-10-11 04:56:31	8b32464dfc8aa711a5469780f57ae24ddab4b65cd4eb2d9cb1d6797ce96de57f	exe		GuLoader
2021-10-11 04:39:22	ae4d46e3c772093c5ad9ee27e412f11e6be6923a1efeca80b1dba5d1fef8f62e	exe		RaccoonStealer
2021-10-04 16:17:42	e4b26e2c09188228c4db16281887a17e90baaf95c7b691fa75d05af9f79ff20a	exe		RemcosRAT
2021-10-04 08:44:49	6f476c63a6d699d1f0166313deb1e0f623c689882de8411bcd4f0b4f880526dd	exe		RemcosRAT
2021-10-04 08:30:18	3b6ea75a5628564667996ba672f4f8289d62a73aac96090024238f223db87e4a	exe		RemcosRAT
2021-09-29 07:01:01	5e0716efef9b86fed46cec2da9116f481add142b65aeb45be6d16666ac583404	exe		GuLoader
2021-09-29 07:00:24	694b6c17b725903cf563928c0e6d0857900dfd1773a2e12c9acc8fd30a2f16ad	exe		RemcosRAT
2021-09-28 07:06:57	47ab3e37baa7b201f6cb4ac0cfd7f486c018089220afee6a2f00bdbb50454fee	exe		RemcosRAT
2021-09-28 06:57:11	2b545e3f6a3451fa26c928e77db0963a03b41d6b774c99cc79ca9353baa84527	exe		RemcosRAT
2021-09-27 09:09:18	c54b1a3af48ef7f70434b9e90c33b4bcdccfbd20339d8164e34957890c67f888	exe		RemcosRAT
2021-09-27 09:08:08	7b3c49295c67d0de6a1739eca11609fc551805075fd66facfec8e2a2b6ca016c	exe		RemcosRAT
2021-09-27 00:48:55	1f2f9b357003d7816259c172bff00bc8be6305247a94594de4eb9a7e7ecbb385	exe		RemcosRAT
2021-09-26 23:02:10	8060a88a8253eafc4c38d56d58d8470b98765308aeafc1e873b95011cbb8cadf	exe		RemcosRAT
2021-09-23 08:49:50	397c1235b17a6b14fa61e480e59cf0d6c7d2cf7d633ae1c3957f82c23c985b95	exe		GuLoader
2021-09-23 08:48:27	b2573d8656ea0e2db5643a3aed1b8cbbd6f251cc4cff6c748f842e51b7829969	exe		RemcosRAT
2021-09-22 21:46:45	1b0f25b9bf0c76f9a52d3f5952f47b203e7112c72f8234d51155442bddddd42f	exe
2021-09-22 21:23:57	1b0f25b9bf0c76f9a52d3f5952f47b203e7112c72f8234d51155442bddddd42f	exe
2021-09-06 17:05:05	da71644ee66cad527be192aefdfb9e5c70f0977d111d95e3591c8221aca1ccfc	exe		Formbook
2021-09-06 16:47:04	6cbaf335b0737ddf3f782688324856ef573d1978897299461f7a43c8efeaa008	exe		RemcosRAT