URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	wooq.link
Domain registrar:	Namecheap
Domain registration date:	2022-02-11 12:09:25 UTC
Abuse complaint sent to registrar:	Yes (2022-02-12 19:56:01 UTC to abuse{at}namecheap[dot]com)
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-02-12 19:53:04 UTC
Total malware sites :	1
A record(s) observed :	3

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2022-02-12 21:42:08	213.226.114.217		Not listed	AS214822 MTFINANCE-AS	RU	no
2022-02-12 19:53:34	45.11.26.87		Not listed	AS214822 MTFINANCE-AS	RU	no
2022-02-12 20:48:41	45.143.137.181	bserv17.example.com	Not listed	AS47196 Garant-Park-Internet	RU	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-02-12 19:53:34	http://wooq.link/CERT.exe	Offline	ArkeiStealer exe	benkow_

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2022-02-13 22:20:39	54c3bb30df4081c466e00420885c6953491f09d193d8397a31908dc59cdedc8e	exe		ArkeiStealer
2022-02-13 21:21:07	f74acb705d02c071c3bdb02f60a86cd554d8800251c98f1485c8f80a5be5e115	exe		ArkeiStealer
2022-02-13 20:15:23	a268cefb29655149369b231946733f1e2409a940c0ac56b10201afd368d949e8	exe		ArkeiStealer
2022-02-13 19:19:01	c66486ee55d4221218b24f4c33d9f857aaa23d2a2ca6b4d8bf37cabba1cd9280	exe		ArkeiStealer
2022-02-13 17:36:27	4651ad55200989d20043dd2de97454987645c4e7c3c0642e935734b565bc95b5	exe		ArkeiStealer
2022-02-13 17:03:15	45fff1aac281bbe83e69c09c3f66efe3c38e16433a822bbd2fb16daf13ff8fab	exe		ArkeiStealer
2022-02-13 14:34:39	eff61bbcc4fb5dc8e7cdf916bd0341e05ecdceea59893fd3f048b9ff97a642e7	exe		ArkeiStealer
2022-02-13 12:53:55	303d14829da3ae885d93efcd36f71c8a2fc3428213591a242776906bac53c778	exe		ArkeiStealer
2022-02-13 11:07:12	a3b12e280259b7ed16cf405f54ce0dfc7331165893caafce1994ff5908366439	exe		ArkeiStealer
2022-02-13 10:46:14	76a4f5e2d39039f85fb14681dd6a64785973407a06799a48b3ec65bd9bff7515	exe		ArkeiStealer
2022-02-13 09:47:13	8ab7cd42f6b90e250f69f4c96efb32d36135bb1479acfec28344a4910a3a329b	exe		ArkeiStealer
2022-02-13 07:01:53	61b00eaf8df198caa3cbc58ca74b748538c88f55cbe7c7a702a7d4fb29879e9b	exe		ArkeiStealer
2022-02-13 05:52:40	31ad34787916e6d563c01153058489ad060f3d6f445a2ecbe7e5f6e031d677f7	exe		ArkeiStealer
2022-02-13 03:51:59	10769a2c8c8c7bfcce384961db461a731fb650a18052facbdb979ed788fce983	exe		ArkeiStealer
2022-02-13 01:26:40	779a8e7fe0ff8cb2036ec126030a2a3ea4c354f31a16b05b4fa55c8cc211ab81	exe		ArkeiStealer
2022-02-13 00:25:07	969056d8fd647fa92a67a740c4bd4b76cad0e51ec670b281e04acc590a1ba4fd	exe		ArkeiStealer
2022-02-12 22:35:26	b0fc7a2a5bc24543f56dc08e65950baec2b3d28bd900309321b912bb09a37e90	exe		ArkeiStealer
2022-02-12 20:48:36	3133fa158ceed84616d846bee91ef670425cc5568b5a96c34b48a9c8bcfe52ea	exe		ArkeiStealer