URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: squadlegion.kozow.com
Domain registrar:Dynu -
Domain registration date:2015-10-25 00:13:01 UTC
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Control D HaGeZi :Not blocked
Firstseen:2021-09-28 15:12:03 UTC
Total malware sites :2
Online malware sites :0 (0%)
Offline Malware sites :2 (100%)
A record(s) observed :1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2021-09-28 15:12:07 194.36.178.69free.dsNot listedAS200740 FIRST-SERVER-EU-AS- SGno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2021-09-28 15:16:10http://squadlegion.kozow.com/m.exeOffline32 CoinMiner exe zbetcheckin
2021-09-28 15:12:07http://squadlegion.kozow.com/b.exeOffline32 CoinMiner exe zbetcheckin

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2021-11-13 11:02:4752c44d26602303eff3243fc80f760e56bb483701993f995fcb4c5a542ccfa0f6exe CoinMiner
2021-11-11 20:22:19ea927951d140ae36b613e698856e656bcc9f4b65d75a89dd2f81f9aef33de375exe  
2021-11-11 17:17:06ce26e53c255329e7dc96a0acd54de2065e228b53edc337772127db2dfe227e21exe CoinMiner
2021-11-11 16:36:2995aa6887f08b460a490b7264a2b0a36826eb49625c6b10c82a14f4bc7cc23b0fexe  
2021-10-31 03:24:22856ec1c0d82402c07331b6828c320e2bbe830aef210e38292b7a9599e3edacb3exe CoinMiner
2021-10-30 19:10:367a77339b23e03d7b726fd9695dc86b905e07970cf4a9a413c3ef2356905cad22exe CoinMiner
2021-10-30 18:43:39ec4b67a2beae184593b02b64434241983edc805fda2e43701115efb1ccb4c28dexe  
2021-10-30 15:25:110381583d6121b04d1af05ef9e410352e7aec486f9929f157612d8f442fadb3a8exe CoinMiner
2021-10-30 14:04:35e1668947f5df6cbcf0da23e0a1e6febf0d39b96bb24f9396fa36f99e82a95ab9exe CoinMiner
2021-10-30 12:22:097bfddc26f823d32207d3a6309a311c4e7aa5945b19ead18dcab635af3cd02e34exe CoinMiner
2021-10-30 10:55:4018dc00c42cfda5913af32f1fdb0208b436f2e1d4629485d6cf54e85fb51f79ceexe CoinMiner
2021-10-30 09:00:19e6833b82c7f442e159857c198ac59d3ec2161a675a6d091f16b5390df4946cddexe CoinMiner
2021-10-30 08:47:17c6a24a2c6bf1bb9b804ffb4e3e4c8359d06f7520f573e329ee1d425a186a74d5exe CoinMiner
2021-10-30 07:09:13a47e7ba3903cd77c5d15bbb6841dcb196783c0c753a690ac19366b02f0bdd94dexe CoinMiner
2021-10-30 06:22:0705adb109e58a0f24554f6a7d2a988e2600a01cb18f55d4d1fe0e7c4001ca4fc2exe CoinMiner
2021-10-30 06:10:19866c6d1de9204ae8b6738ce615fa8d4e1852adfdd1136020e9ffed227873576eexe CoinMiner
2021-10-30 05:54:1438a3086bea0968dcbf4a52cec904bcfc93ae3c7ab10a5e6db19aad622665aed9exe  
2021-10-30 05:25:3919a09563113240451d2ba3ae76d58b349548695748c22566a7861f582627860cexe CoinMiner
2021-10-30 04:55:2291898baafcfcbde9fbea557b433be1d410405a1e60520e14552fa1f37dd5a26bexe  
2021-10-30 04:33:566ff3be0f8bf943e7fc84ef40a4623427b8887c281afdd74622d45b3c6ce649ccexe  
2021-10-30 04:09:186e2b13accb0943ec78fe79300615756b2db2fd3f3b984cc5c04ac35ab7cc5128exe  
2021-10-30 03:26:3338d7d92438822ba76c69e0a6ad34650397623d903356db5cfee82307367b528bexe CoinMiner
2021-10-30 02:19:292927f080b7e532f9b41452bb863ea6ed5b7806f597367771614575887d4741c8exe CoinMiner
2021-10-30 00:05:095876c2a4a433356fdf29841f97780d9dab1dc7b193df9108281291a72c10ab69exe CoinMiner
2021-10-13 12:39:57fab7787c4091df4416960dd16b043e78c1e63e70db42841094a073912a7c39f7exeCoinMiner
2021-10-06 15:50:042a073ae75ece3d967d1dd97638a956c40bfd60207519bcbab19d31395b84e32eexe CoinMiner
2021-10-04 18:38:46bc529d223dd926485efd3cae4bda9c24fe228c4e4bde28329b2e4cb36509a694exe  
2021-10-04 13:01:21cf6953f285c658694718279fadef8228f724586a4d8cafa1c81f42af476bb6e1exe  
2021-09-28 15:16:10bcc7c88a78159d256da9838d8148b61bf92057b71eabf3bed83ed650d723562cexeCoinMiner
2021-09-28 15:12:07715e1eb5414e749e16fb3999dda7bcf8405e6fb4e14e66ddcbdf20a2e1af89c3exeCoinMiner