URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2021-07-27 15:14:10 | 146.59.132.186 | Not listed | AS16276 OVH |  FR | no | |
| 2021-07-08 16:18:04 | 37.0.11.114 | Not listed | AS3758 SINGNET |  SG | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2021-07-27 17:52:03 | http://sxzn.a4t.in/svchost.exe | Offline | 32 AveMariaRAT  exe Matiex |  zbetcheckin |
| 2021-07-27 15:14:10 | http://SXZN.a4t.in/tasksmgr.exe | Offline | AveMariaRAT exe rat RemcosRAT |  abuse_ch |
| 2021-07-08 16:18:04 | http://sxzn.a4t.in/ChromeSetup.exe | Offline | exe SnakeKeylogger | abuse_ch |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2021-09-11 07:06:49 | 9d1f73dc28e7c2ae89a87fb4178a025f06466530de42f2de2015538f06866f60 | exe | AveMariaRAT | |
| 2021-09-10 16:44:17 | bc15dc3f5b700bba2bfded2b64ce332f88ba4c95d7d543e2d7ad2447ed789f37 | exe | Matiex | |
| 2021-07-27 17:52:03 | e51033b63bf3a77604f76f2b863b0dc1f4c86d936c807c0201ea4c24950b91a2 | exe | AveMariaRAT | |
| 2021-07-27 15:14:09 | ed3a96630761ee25131c40b747f50fc55aa85d5e8f631f71bbfc901dd96bac13 | exe | RemcosRAT | |
| 2021-07-08 16:18:04 | af9106047d3438d552b682513293bba89c20d49ecce9d535b9e136b91f640a7b | exe | SnakeKeylogger |