URLhaus Database

You are currently viewing the URLhaus database entry for http://31.170.22.205/dl17 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3484493
URL: http://31.170.22.205/dl17
URL Status:flame Online (spreading malware for 1 year, 2 month, 12 days, 5 hours, 7 minutes)
Host: 31.170.22.205
Date added:2025-03-21 06:51:16 UTC
Threat:Malware download Malware download
Reporter: geenensp
Abuse complaint sent (?): Yes (2025-03-21 06:54:51 UTC to abuse{at}nano[dot]lv)
Tags:DDoSAgent script

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-07-20dl17sh 3ea57f49c459e920fe76836749a0872c879f8fd7ff1a369109ef9d551c07fcafn/aDDoSAgent
2025-05-10dl17sh d9c505a98fb5c39cb3c9b884e98eb9991b99bdeb03996abd6ff70b8086d92e07n/a
2025-05-04dl17sh b5950efa34c1c1301ecbca1786e192e3608b6e8aff63abc1a82f1891b900f177n/a
2025-05-04dl17sh f3fc492fb038c9b5d83d14ad224dc171502167c7aab98647d67909214691c1c9n/a
2025-05-03dl17sh 3eba63eed2a2df914305a8e76450c05bdaf0adeee282a7cf6a45e552e051a93an/a
2025-05-02dl17sh 817c7902d22dc0048f4b0bf86529a789b7d63c8a5c58c141de7808c35302e21en/a
2025-05-02dl17sh 7c35bf4925295bc04e717fe8427e2157a985884569821ca7548c98ceaef9680fn/a
2025-05-02dl17sh 70e4faba20efb569f77ac2841ead33770e8b998aceb504f662e4cfe3dfc06704n/a
2025-04-30dl17sh e7e966a76cea9864e2df8e598f20be4a461e087aa634e9d854f5bf6e9811f2efn/a
2025-04-12dl17sh 4b0629734c733e7856a4ed30336443f3fedb76ce93b4eea56d0fb8e6a42a1732Virustotal results 20.00%DDoSAgent
2025-04-03dl17sh 588bb81072e2d551d2adb0a7513eb7600d02c56edc522fcf6ef86b0a194c1bfen/aDDoSAgent
2025-03-29n/ash 7faec62987a7165dd7291f4900140c403f27199792793702ebf02c871a255594n/aDDoSAgent
2025-03-25n/ash dab401e57977a251f453cfeec91d66b5d21c6e494b1c404e75534a32b465bbd9n/aDDoSAgent
2025-03-21n/ash b382f058b4898ceb9115fe320945978c26cc55c991266475828f38b6ddbe41a3n/a