URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: upload-wefiles.com
Domain registrar:Namecheap -
Domain registration date:2022-08-31 04:44:49 UTC
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Blocked
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2023-04-21 06:07:03 UTC
Total malware sites :3
Online malware sites :0 (0%)
Offline Malware sites :3 (100%)
A record(s) observed :10

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2023-08-17 18:35:19 192.64.119.70Not listedAS22612 NAMECHEAP-NET- USno
2023-08-17 09:58:45 45.15.158.247scared-pie.aeza.networkSBL655671AS60042 OnTelecom-AS- RUno
2023-08-15 14:01:01 188.114.96.3Not listedAS13335 CLOUDFLARENETn/ano
2023-08-15 14:01:01 188.114.97.3Not listedAS13335 CLOUDFLARENETn/ano
2023-07-13 13:24:04 38.242.138.203fergo-node2.fearvm.comNot listedAS51167 CONTABO- FRno
2023-06-03 14:21:52 194.110.247.127verificatienu.comNot listedAS200019 AlexHost- MDno
2023-05-09 21:34:43 77.72.7.188storm-competitions-frontend-4.cloud.hiltonhosting.comNot listedAS12488 KRYSTAL- GBno
2023-04-21 06:07:05 104.21.29.216Not listedAS13335 CLOUDFLARENETn/ano
2023-04-21 06:07:05 172.67.171.222Not listedAS13335 CLOUDFLARENETn/ano
2023-05-03 23:01:48 185.252.179.21Not listedAS214238 iwihost- AEno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2023-04-22 01:53:05https://upload-wefiles.com/svchost.exeOffline32 exe RedLineStealer ext zbetcheckin
2023-04-22 01:22:10https://upload-wefiles.com/download/slip.exeOffline32 exe zbetcheckin
2023-04-21 06:07:05https://upload-wefiles.com/download/toba22bbc.exeOfflineAgentTesla ext exe VectorStealer abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2023-06-29 15:13:49c3605d9a7e5cd2f57b09f4e5721b9817df3803e113d10cf8a70859cb73d02e3dexeRedLineStealer
2023-06-23 13:14:299802c511f650d5eb611d309889655ac2f8daab5f87c30463b2505da99076192bexe RedLineStealer
2023-06-20 22:59:07fd9b0bcab91a3899bd4720e00819f2c2e0cd5d5cc084e18e9f86b489e2b995a9exe RedLineStealer
2023-06-17 21:41:290f842fbfcad83b99c49c7c8d21c4682e23808d6b44dba3847382a54bc8a9d2f4exe  
2023-06-14 12:33:53708f8645d7490a37f453e560f3b451d4cd2383882f3b328ecc0c030fec12aa28exe  
2023-06-12 12:49:4234cd4efd5b358e557b88e0cc4a3bb16019664d074ee0c9b895ad49c44b2ce2daexeRedLineStealer
2023-06-10 20:53:15e1658d982758514877f382b0c5cfda1ce99720bd7aa707f36325981fe0a5a964exe  
2023-06-08 20:39:50ee214b4a769770425ce6a30af6abf3330b708c5e2da8694c482a403e4aa43d30exe  
2023-06-06 22:23:48d1500c9d1f282e94f693ad2fc84ff732551c2b7020c86c03dc22ada142b91460exe  
2023-06-03 11:00:57117923fa4c78bd37c924ad1e59c636a9a9337d4d58df9e1779be1c0e3a94151aexe RedLineStealer
2023-05-29 01:07:08aa1e3e22f8f01590aab1cefdcac89785b76f4e0aa33958af5bac5c5a889ef884exe RedLineStealer
2023-05-28 08:58:53111e8214fea23543ee499ed1a5d77da8a2a0002359c45d011367b3313bd3d906exe RedLineStealer
2023-05-21 19:59:24bbd22134bbbb870710356d411613f6b249f9f38a51841e9780eb2a11340f6728exeRedLineStealer
2023-05-15 22:58:208925cfc866e5b52ad7055246b75d70d5ddba6dcac8ea6daf4f34b9a532a6e806exe  
2023-05-09 21:34:25aa0f96be29bd7888fdbd195fb56e741aad5f13b9a1df4a7e74a085924240f597exeRedLineStealer
2023-05-08 19:13:51929e8a2598a4046d4064b608af291b658872c5f2a6bc089467bdf1925fce5aa6exeRedLineStealer
2023-05-03 23:01:38d5b3cff7109056f5f8c9b8944556caf49ae5071a6f93a6fb7a6c4916fca2a52fexe  
2023-05-02 11:57:240f40352a01ff3d7ce8c791bfce5029c4765ebdc4802210e605392d7a49d4d94eexe  
2023-04-24 22:35:58394a86f45a0061e79dd2923a7db4256082edd7d6a278edd4ef7ed88c9b39acc8exeRedLineStealer
2023-04-23 21:30:175316effe64674529171a00872d992e275aff5abfdb3165021eae3b5ac5529f70exeAgentTesla
2023-04-22 01:53:056d45f102f456a95eaf31e9a1851c031e6fccbc852c8d56e1fc665aea7945579aexe 
2023-04-22 01:22:1086e141f8e4c978f1a95493b07c0ee43691e049d0310723cfcf645a158ca5b5c0exe 
2023-04-21 06:07:05edcf7182460deb84c07d79968ebb518cc9c8611148a4eb0e1e37b78ff175f275exeVectorStealer