URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	www.grupodulcemar.pe
Domain registrar:	n/a
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2024-11-20 16:15:07 UTC
Total malware sites :	28
Online malware sites :	0 (0%)
Offline Malware sites :	28 (100%)
A record(s) observed :	1

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2024-11-20 16:15:12	161.132.57.101	yl-huanta.yachay.pe	Not listed	AS3132 Red_Cientifica_Peruana	PE	yes

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2025-04-20 11:14:15	https://www.grupodulcemar.pe/RG0987890000.exe	Offline	10pluspositivesinVT AgentTesla	abus3reports
2025-04-20 11:14:03	https://www.grupodulcemar.pe/GD098765670000800.bat	Offline	10pluspositivesinVT SnakeKeylogger	abus3reports
2025-04-20 11:13:38	https://www.grupodulcemar.pe/FINAL%20REVISED%20...	Offline	10pluspositivesinVT AgentTesla	abus3reports
2024-12-20 04:38:08	http://www.grupodulcemar.pe/ION67898700.TXZ	Offline	ua-wget	BlinkzSec
2024-12-20 04:38:08	http://www.grupodulcemar.pe/987656789009800.exe	Offline	AgentTesla ua-wget	BlinkzSec
2024-12-20 04:38:05	http://www.grupodulcemar.pe/FTQP098767800.exe	Offline	SnakeKeylogger ua-wget	BlinkzSec
2024-12-10 19:26:08	https://www.grupodulcemar.pe/5MHIOPXJKTPrNvo.exe	Offline	exe SnakeKeylogger	abuse_ch
2024-12-10 06:23:08	https://www.grupodulcemar.pe/APQSKVTvd60SdAM.exe	Offline	exe VIPKeylogger	abuse_ch
2024-12-10 06:21:09	https://www.grupodulcemar.pe/HKP098767890HJ.exe	Offline	exe rat RemcosRAT	abuse_ch
2024-12-09 14:46:23	https://www.grupodulcemar.pe/factura.exe	Offline	exe RemcosRAT	abus3reports
2024-12-09 14:46:21	https://www.grupodulcemar.pe/H8hsp6zrMtJI2hC.exe	Offline	exe RemcosRAT	abus3reports
2024-12-09 14:46:19	https://www.grupodulcemar.pe/factura098765678.exe	Offline	exe Loki	abus3reports
2024-12-09 14:46:10	https://www.grupodulcemar.pe/PHJG9876789000.exe	Offline	exe SnakeKeylogger	abus3reports
2024-12-09 14:45:53	https://www.grupodulcemar.pe/PO076567890000.exe	Offline	exe RemcosRAT	abus3reports
2024-12-09 14:45:42	http://www.grupodulcemar.pe/DFSA0987789000PO.exe	Offline	exe Loki	abus3reports
2024-12-09 14:45:30	https://www.grupodulcemar.pe/FACTURA-0987678.exe	Offline	exe RemcosRAT	abus3reports
2024-12-09 14:45:20	https://www.grupodulcemar.pe/IB9876789000.exe	Offline	exe RemcosRAT	abus3reports
2024-12-09 14:45:12	https://www.grupodulcemar.pe/FACTURA-09876RT567...	Offline	exe SnakeKeylogger	abus3reports
2024-12-09 14:44:46	https://www.grupodulcemar.pe/FDR9876567000.exe	Offline	exe	abus3reports
2024-12-08 16:38:12	http://www.grupodulcemar.pe/FDR9876567000.exe	Offline		abus3reports
2024-12-08 16:38:11	http://www.grupodulcemar.pe/FACTURA-0987678.exe	Offline	exe RemcosRAT	abus3reports
2024-12-08 16:38:05	http://www.grupodulcemar.pe/FACTURA-09876RT5678...	Offline	SnakeKeylogger	abus3reports
2024-12-08 16:37:12	http://www.grupodulcemar.pe/PO076567890000.exe	Offline	RemcosRAT	abus3reports
2024-12-08 16:37:04	http://www.grupodulcemar.pe/FACT0987789000900.exe	Offline	RedLineStealer SnakeKeylogger	abus3reports
2024-12-08 16:36:09	http://www.grupodulcemar.pe/factura.exe	Offline	RemcosRAT	abus3reports
2024-12-07 14:43:16	https://www.grupodulcemar.pe/INVOICE-9876.exe	Offline	RemcosRAT	abus3reports
2024-12-07 14:43:04	https://www.grupodulcemar.pe/na56785590-.exe	Offline		abus3reports
2024-11-20 16:15:12	http://www.grupodulcemar.pe/FACTURA09876567000.bat	Offline	Loki	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2025-04-23 02:12:10	15aae50c58b0261ebdcd3d9e25e602e6162a58ad5558ea03f2ab9e0af68d7863	exe
2025-04-20 11:14:15	f9df399fabb84cf4ea29161e8dd8623565b6c0347de338adf44530ecfc746639	exe	AgentTesla
2025-04-20 11:14:03	f2b2dae4b5cd9c3cde870dd6a0722f73fbf8cb6d1936931dccf53a26196be040	exe	SnakeKeylogger
2025-04-20 11:13:37	b48781ff4d51bd55109d02956e02b8df838a1286684680e6c89275e04192a45e	exe	AgentTesla
2024-12-20 10:11:28	4812f254fab1c26cb4b899ac706bcca0742c74ac092ba9a45ac4963312ebaf9a	exe	SnakeKeylogger
2024-12-20 04:38:08	4efdfd3e946c82fdd9b9ef89db5e7f5a6b4c2e743ad7b3453c0a92405ebbb6d8	zip
2024-12-20 04:38:07	363da150d891da7bb5da8056414882429067a0fcb27f58363567567bf18a323e	exe	AgentTesla
2024-12-10 19:26:08	1d409e94b935c68a4b4841a1b2e05c6abf1ea827c419eab8bf3ee23229574160	exe	SnakeKeylogger
2024-12-10 06:23:08	cefa40083339d42320bc1f9ba33c578b8abe47e15eb0dd6b0ba2f734aa8f3d6d	exe	VIPKeylogger
2024-12-10 06:21:09	a6d6d1c8299f97f966d72373e999b5a8e6768914e27d5533307cf6878b95dce2	exe
2024-12-09 21:10:31	7053c8d9983dc949e5d559ba1b006b8ba9c059a23e06cd87c857c3d04201381b	exe	RemcosRAT
2024-12-09 17:31:22	d9b66f2580bd43a5b03487e161d925c63b3d485d22d71607060eb07e453c03d7	exe	SnakeKeylogger
2024-12-09 14:46:22	e51f50b3f520e3de0f0916e0291ad093aa0c50f6c81010001ce5aa2aee88f7b0	exe	RemcosRAT
2024-12-09 14:46:21	8dfdaaecfa4a530b2828a88e10859aab01ef8ec3072b623ce878d123e657adab	exe	RemcosRAT
2024-12-09 14:46:18	be789d9c5185f7f04ddb78f2b39f9dd7415080c4d975139fc612158b0b3a5bad	exe	Loki
2024-12-09 14:46:09	6328f5ad5d16dbe08046450470e8ca083f07a10aa97401b0425a59d224492b13	exe	SnakeKeylogger
2024-12-09 14:45:52	cec4f49a5374bf025bd1ccd700897e017be1e67ca6bc248dae9131a85db91c42	exe	RemcosRAT
2024-12-09 14:45:39	afd5885712157bf7e51471f21b977788084aa78bf58d45287b4043edb2ee3495	exe	Loki
2024-12-09 14:45:28	49e8a1f12fb5202470604efe01c0d60949d20d302a76aed85b2a049e91266366	exe	RemcosRAT
2024-12-09 14:44:44	9a32e0821da4466b858ecfd185f3d9bff232d8a3b44983988c248df05ef7c2ef	exe
2024-12-08 19:06:00	f3530f9d52d1ba3ed70cc5d603cf0a83771027cda5fd545206e1688589ef69fd	exe	SnakeKeylogger
2024-12-08 17:18:58	d9b66f2580bd43a5b03487e161d925c63b3d485d22d71607060eb07e453c03d7	exe	SnakeKeylogger
2024-12-08 16:38:12	9a32e0821da4466b858ecfd185f3d9bff232d8a3b44983988c248df05ef7c2ef	exe
2024-12-08 16:38:11	49e8a1f12fb5202470604efe01c0d60949d20d302a76aed85b2a049e91266366	exe	RemcosRAT
2024-12-08 16:37:12	cec4f49a5374bf025bd1ccd700897e017be1e67ca6bc248dae9131a85db91c42	exe	RemcosRAT
2024-12-08 16:36:09	e51f50b3f520e3de0f0916e0291ad093aa0c50f6c81010001ce5aa2aee88f7b0	exe	RemcosRAT
2024-12-07 17:07:58	656e1bcadf18f78e0a1480beda30b3be8a3aee636c758e30247e2126ad6bed98	exe
2024-12-07 14:43:16	28331e2705bf58bd76a9f8ba0f0a431b762eaf6e4284dbf12f1453dd3fecf281	exe	RemcosRAT
2024-11-20 16:15:12	ecc61fe635e2cdb0859441ef90e330230094e7514cf00cb48829e136d713b63b	exe	Loki