URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2023-07-06 15:03:19 | 103.146.177.244 | cashboxpay.com | Not listed | AS135822 HOSRAJA-AS |  IN | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2023-07-14 04:06:06 | https://www.torq.qa/nekario2.1.exe | Offline | 32 AveMariaRAT  exe |  zbetcheckin |
| 2023-07-13 06:42:07 | https://www.torq.qa/Kt4sS99OJkneo.exe | Offline | exe Formbook |  abuse_ch |
| 2023-07-08 03:52:07 | https://www.torq.qa/fIPfypJYu76PrjPnEo.exe | Offline | 32 exe Formbook | zbetcheckin |
| 2023-07-06 15:03:19 | https://www.torq.qa/maigoneo2.1.exe | Offline | AveMariaRAT exe Formbook | abuse_ch |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2023-07-14 04:06:06 | 16da8293804a9660e12cc6cd3a847f921c8110f712228922762432110f20a922 | exe | AveMariaRAT | |
| 2023-07-13 06:42:07 | b884bd75ed004c71503776351d1bd64e1a03e106be6df6baed9f16c7239e0f01 | exe | ||
| 2023-07-08 03:52:07 | 5eb2fdddbd470e55de54cab50d8906e00eb202714c9b0cb2fd95b4b58b3a125b | exe | Formbook | |
| 2023-07-07 08:38:09 | 719b031a6eb4fb932f4ddc541bcd119995ea7273f77c9bbe663273401d157513 | exe | Formbook | |
| 2023-07-06 15:03:18 | ae8635ca2e1ddd94610dfeb8d18ce3e037e890927cb1ba3944bfe4ff70f4ce17 | exe | AveMariaRAT |