URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: tribunal.ug
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2020-05-22 10:33:07 UTC
Total malware sites :1
A record(s) observed :12

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2020-07-12 16:07:20 217.8.117.77Not listedAS49505 SELECTEL- TMno
2020-05-27 17:08:31 217.8.117.45Not listedAS49505 SELECTEL- TMno
2020-05-27 08:17:04 49.51.134.20Not listedAS132203 TENCENT-NET-AP-CN- DEno
2020-05-27 02:55:56 62.113.118.219host-62-113-118-219.hosted-by-vdsina.ruNot listedAS48282 VDSINA-AS- RUno
2020-05-25 22:43:58 162.62.53.243Not listedAS132203 TENCENT-NET-AP-CN- DEno
2020-05-27 01:31:28 47.241.1.122Not listedAS45102 ALIBABA-CN-NET- SGno
2020-05-25 21:28:40 5.53.124.243thedacxi.comNot listedAS49505 SELECTEL- RUno
2020-05-25 11:39:03 101.32.5.54Not listedAS132203 TENCENT-NET-AP-CN- HKno
2020-05-23 06:04:22 195.140.146.65default.clo.ruNot listedAS29182 RU-JSCIOT- RUno
2020-05-22 10:33:10 5.101.50.99do2yvfj24mi7p2jp.comNot listedAS49505 SELECTEL- RUno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2020-05-22 10:33:10http://tribunal.ug/zxcvb.exeOfflineArkeiStealer ext AZORult ext NetWire ext RaccoonStealer ext vxvault

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2020-08-16 14:09:42308c96557c6be5d4519ba4bac38c23e611c7b61683cfc1063a6009e216c24f5eexeRaccoonStealer
2020-08-06 09:31:58b7b4548520de8927b3457b599a4b3afb3b686de57dd4b186c2c7ee6c00524377exeRaccoonStealer
2020-07-30 14:22:5207dd81aa4994d15fd4d26bb4b9a4aa5dff47d99da2ab76718f480f62cb4ddb93exeRaccoonStealer
2020-07-23 16:20:23f153e1bf81a8faf42cff46480b58bf538a3a7c6085b2e67facc94ea8e879eca2exe RaccoonStealer
2020-07-17 05:24:11aecddb3a9656759f5681708172573f435c3db0539d6a7a0230ec93b4e3f131a1exe  
2020-07-14 14:25:203b0d6b26dd2152ce85b4487777afc66e2ea37f33697d6ffe07608b79ffd47614exe  
2020-07-12 16:07:123d4820c098548ddeb284389d43bc1ce29b4171bae99de28f83727624377b4f21exe  
2020-07-10 09:04:0557fa7385d4d9d98c498ed421e98cc5900ca489703055af7ccf0edff69c1fe749exe RaccoonStealer
2020-07-08 07:35:0507145b3504f4fe39434718b6b68fdecc52c909e135271f5461488f7b23c7b55fexe  
2020-07-01 18:57:17e4692010fd3d0a88db68face738f5538ec067e3d2066f8d45ff1fe84ba5cb09dexe  
2020-06-28 12:10:373e9f05acde528ea5fd7ca9d0c2af0e82d29e343d2f61420290e6f660630cd25fexeNetWire
2020-06-24 18:06:15682be0853ccd6f60deb69d27941a628758c4e13e7d2e6ee95a95f415f3a9f0c6exeAZORult
2020-06-20 15:49:4014de928a31f94b3595d463b72256c95f0cbe43e893f646fb350785f5fb00f0a2exe RaccoonStealer
2020-06-18 12:15:46643e45ab9ae91c44f60ca66f1f0b54e64d206c1a15c700903f7bfbd42ff909c0exe  
2020-06-15 10:33:53bcb474ac919440674135c673d8c6a0fc8015a63a15b2849c3346f74a716b5249exeRaccoonStealer
2020-06-07 21:39:3246bb9b17ea1a28c88eb4a21e10698e00119bb3fb1c71bdde636922fed2a9d6e3exe  
2020-06-03 10:27:197294bdc3333d08ac9c2397b3555c0126928c13600b23de09f21841cfee83f55aexeRaccoonStealer
2020-05-30 19:18:39e980a2681eca218a103477e32bcd75731ddb1a177d9ca7d6862298ad0bd20ea1exe  
2020-05-27 17:08:30a8c4819383dd56652ece8564037c30367bc2f1b6f13fcd6fe6bec532eaf4762bexe  
2020-05-24 15:29:1315145ed8e5ae3cf2acf9ad25bbcb3f782c4d8ba9674185d06baa66ae6d17f25aexeRaccoonStealer
2020-05-23 08:04:349788eb6db83aafc366fbb615958f3a67c5d9c62d1ba87694aef12a30adfc9cb2exe ArkeiStealer
2020-05-22 10:33:107d02ae5ae3ed3b7a13ff5495174216ea3195764d7154b8e9b4997c74fd08fb09exeRaccoonStealer