URLhaus Database

You are currently viewing the URLhaus database entry for http://31.170.22.205/dl19 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3487069
URL: http://31.170.22.205/dl19
URL Status:flame Online (spreading malware for 1 year, 2 month, 10 days, 10 hours, 17 minutes)
Host: 31.170.22.205
Date added:2025-03-23 09:04:07 UTC
Threat:Malware download Malware download
Reporter: geenensp
Abuse complaint sent (?): Yes (2025-03-23 09:05:17 UTC to abuse{at}nano[dot]lv)
Tags:DDoSAgent script

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-07-20dl19sh dd1176aca0295fe09a65f99db97b9c58e83c75b31d4635c07229aaf18ce278c6n/aDDoSAgent
2025-05-10dl19sh 659a49a462b1701d2ec1d213d63eec136c58acae1f8375179deeae3dd418932dn/a
2025-05-04dl19sh a9993f2073b63fac8c02ad6f258aaacc15688325578014dfe00823cfac2d21fan/a
2025-05-04dl19sh a17eb4e894f248de5f9349b5b90a9e2c38fda50edc9263f37b5dd205fe5f8232n/a
2025-05-03dl19sh 744e0f0931acbd379e5393e67327e3e67ab4ac1708d9f7fb8d09d15de19b60e1n/a
2025-05-03dl19sh ee883787f79c688015b39a452a4993a640e1b76192fa0f90691c83c13d35803an/a
2025-05-02dl19sh 644066096e68790b3eee4548932e66144bb4ede0f30f69ed93354af092011538n/a
2025-05-02dl19sh f8e72783f838b2b467d3a6175b4727fa642e7ed39729d698f5ac8d2bf1ec7794n/a
2025-04-30dl19sh ed8352f21b1d33819a6d28fee264ec594ba2164cefadc09b262e575461b91c9bn/a
2025-04-12dl19sh 24415dcee3462b3b9d4d00ef2092e73127439009ab9bea748efd30fcf46f9495Virustotal results 17.86%DDoSAgent
2025-04-03dl19sh ede48eb0f83c5bb9ee4874500a88c94a837cc582327ce2ac77c4f715440f1fa7n/aDDoSAgent
2025-03-29n/ash ba1325f3da34542c1da7e078ea063d781dacaffe51487580b6ab677cfe78cd08Virustotal results 13.46%DDoSAgent
2025-03-25n/ash 3d6d26f5e84511a9215845a6e64b161f6c7512699956a53e431353d2e61314ean/aDDoSAgent
2025-03-23n/ash 5d258a2a99d4d4c7f3f18bfe6c6b7211500bd1c5b027004451d5a8f1bc7af107Virustotal results 46.77%