URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either a domain name or an IP address (if the malware URL is hosted directly on an IP address and doesn't use a domain name).

Database Entry


Host: zetlegion.kozow.com
Domain registrar: Dynu
Domain registration date: 2015-10-25 00:13:01 UTC
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Control D HaGeZi: Not blocked
Firstseen: 2021-09-28 15:16:03 UTC
Total malware sites: 3
Online malware sites: 0 (0%)
Offline malware sites: 3 (100%)
A record(s) observed: 1

IP addresses


The table below shows all IP addresses observed for this particular host (if the host is a domain name, all A records are listed, including historical ones). Please note that the output is limited to 10 entries.

| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2021-09-28 15:16:07 | 194.36.178.69 | free.ds | Not listed | AS200740 FIRST-SERVER-EU-AS | SG | no |

Malware URLs


The table below shows all malware URLs that are associated with this particular host.

| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2021-10-08 15:51:08 | http://zetlegion.kozow.com/e.exe | Offline | 32 exe RedLineStealer ext | zbetcheckin |
| 2021-09-28 15:16:18 | http://zetlegion.kozow.com/m.exe | Offline | 32 CoinMiner exe | zbetcheckin |
| 2021-09-28 15:16:07 | http://zetlegion.kozow.com/b.exe | Offline | 32 CoinMiner exe | zbetcheckin |

The table below shows recent payloads delivered by this host.
