URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	tgc8x.tk
Abuse complaint sent?:	Yes (2022-11-02 06:10:02 UTC to abuse{at}freenom[dot]com)
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Status unknown
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-11-02 06:06:09 UTC
Total malware sites :	19
Online malware sites :	0 (0%)
Offline Malware sites :	19 (100%)
A record(s) observed :	2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-11-02 06:06:13	50.115.174.192	mail.etheereum.org	Not listed	AS32875 VIRPUS	US	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-11-02 06:07:14	https://tgc8x.tk/tt/BCBCBDHDHD.exe	Offline	exe RemcosRAT	jstrosch
2022-11-02 06:07:14	https://tgc8x.tk/tt/eurob.exe	Offline	exe RemcosRAT	jstrosch
2022-11-02 06:07:13	https://tgc8x.tk/t/RHDGHGDSYTUR.exe	Offline	AsyncRAT exe	jstrosch
2022-11-02 06:07:13	https://tgc8x.tk/tt/HENWAR.exe	Offline	AveMariaRAT exe	jstrosch
2022-11-02 06:07:13	https://tgc8x.tk/tt/johnrem.exe	Offline	exe RemcosRAT	jstrosch
2022-11-02 06:07:13	https://tgc8x.tk/tt/henrem.exe	Offline	exe RemcosRAT	jstrosch
2022-11-02 06:07:13	https://tgc8x.tk/tt/VCXVNCXMCXGJJGDF.exe	Offline	AveMariaRAT exe	jstrosch
2022-11-02 06:07:13	https://tgc8x.tk/tt/XCXCBBDFDHHD.exe	Offline	exe Formbook	jstrosch
2022-11-02 06:07:13	https://tgc8x.tk/tt/w.exe	Offline	exe Formbook	jstrosch
2022-11-02 06:07:12	https://tgc8x.tk/tt/marryoo.exe	Offline	AgentTesla exe	jstrosch
2022-11-02 06:07:12	https://tgc8x.tk/tt/ptr.exe	Offline	exe Formbook	jstrosch
2022-11-02 06:07:11	https://tgc8x.tk/tt/BCVCBBDHDDHD.exe	Offline	exe Formbook	jstrosch
2022-11-02 06:07:11	https://tgc8x.tk/tt/hum.exe	Offline	AgentTesla exe	jstrosch
2022-11-02 06:07:11	https://tgc8x.tk/tt/lamboo.exe	Offline	exe RedLineStealer	jstrosch
2022-11-02 06:07:11	https://tgc8x.tk/tt/africa.exe	Offline	exe Formbook	jstrosch
2022-11-02 06:07:11	https://tgc8x.tk/tt/kexe.exe	Offline	exe Formbook	jstrosch
2022-11-02 06:07:11	https://tgc8x.tk/tt/maryxloader.exe	Offline	exe Formbook	jstrosch
2022-11-02 06:06:13	https://tgc8x.tk/CVBCVBVCBVCBD.exe	Offline	AsyncRAT exe	jstrosch
2022-11-02 06:06:13	https://tgc8x.tk/t/CVBCVBVCBVCBD.exe	Offline	AsyncRAT exe	jstrosch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-11-04 10:01:33	6bcfe7bb68fe8ed455aa7b27eaf36bd89748f010201889626804c57f46c15cc0	exe	RemcosRAT
2022-11-03 11:21:53	11a2113e2974db7c18160ff2993c1513f6fa22ef3e86102dd1df775ebd6ea9e0	exe	RemcosRAT
2022-11-03 06:52:22	c2806b394c62e13d3cfc2675aab8447394f8ba0ea357f9bf2073cc811b8fecc1	exe
2022-11-03 06:48:11	4a9f8a3b847fa9d2e854d3a7235ddee8e4c093d04c3901f006d430be1060fae5	exe	RedLineStealer
2022-11-03 03:58:33	6d3397c687aea5017b90a5e96adc6fbfb0429d56a8b2ead1f1d4273994952379	exe	Formbook
2022-11-02 07:57:15	ec28d0562a15c6057e0d7b599687071f43807aa54fb8fad60138da24fb224afa	exe	RedLineStealer
2022-11-02 07:45:07	65054687e67c867b4f3a1fe66888dbc1e43f1152d44ba8a82e98f4374d54ec1d	exe	RemcosRAT
2022-11-02 06:07:14	238e7b87bd6d152fce3ae3dbe8ea4a9f3b56c883944cb93695c58fdc20aad6e8	exe	RemcosRAT
2022-11-02 06:07:14	dd228418c8681d5655b1189c61249f20c9da5e1661cad7efacea62a03fcf1687	exe	RemcosRAT
2022-11-02 06:07:13	248d6e28ce68880892021793e9a21f85a5a9ae64f25ed12af5ddba413084adb9	exe	AsyncRAT
2022-11-02 06:07:13	9b47c2a93d98536ae14add21abe194fa42611cd51a6d7c34980dc31f83f6f53e	exe	AveMariaRAT
2022-11-02 06:07:13	7458ae3948da0ce72c63f099f0c15240361d61805b6c4aafd6aee84de3c4132f	exe	RemcosRAT
2022-11-02 06:07:13	dfca7ce647ee8994cba9317516ce7f58b2b175f815fd5336dbfed34ccad5c4de	exe	RemcosRAT
2022-11-02 06:07:13	42ff33d8a2c198145c876fbfab4855fa43faaf292d10c73f144619c34714f97e	exe	Formbook
2022-11-02 06:07:13	97601111954fcaf73abb4283200237edd6e08c37533a28f66a50aa0808484ddd	exe	Formbook
2022-11-02 06:07:13	1acb33d44ff0dd6c5574b9546e688cc401a390510c7d3d05b74b47f8118272ab	exe	AveMariaRAT
2022-11-02 06:07:12	c1bc25f768e41a646f902de9572b855ac973cfa7a9c6bef82c5a99123a72e67b	exe	AgentTesla
2022-11-02 06:07:12	e1311c2daa9fd1d5a33362492509aa872040fa4a3539870229973616d65684b7	exe	Formbook
2022-11-02 06:07:11	d4b16018f7ea64cf88506858f2ffab461a39bd1ecef83be0fc9a96266e4f6149	exe	Formbook
2022-11-02 06:07:11	22e699dddb4e02a8f046243850a37c0f03295b5d2f95ed8f470919d916b30e51	exe	AgentTesla
2022-11-02 06:07:11	5e37a85642397700f4d2b763aef9debbed637b8d0a55caecd88b5deea01430fb	exe	RedLineStealer
2022-11-02 06:07:11	3c9ea84465ac087d0dda3ab93ad200e9913d527986ca8358d551ad81a14c9bfb	exe	Formbook
2022-11-02 06:07:11	8d2245952066731545e35c0dd194b48df2e16010d34136ed5b07bc96d763f613	exe	Formbook
2022-11-02 06:07:10	a2942f4b52d24096733c6a8373bc3cee7f1823120bf652c688b8296b04a94a96	exe	Formbook
2022-11-02 06:06:13	7ff14c21fd0b01bdde72c128356802e29242809bd3965e234ac1231da1c0893a	exe	AsyncRAT
2022-11-02 06:06:12	7ff14c21fd0b01bdde72c128356802e29242809bd3965e234ac1231da1c0893a	exe	AsyncRAT