URLhaus Database

You are currently viewing the URLhaus database entry for http://31.170.22.205/dl18 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3490235
URL: http://31.170.22.205/dl18
URL Status:flame Online (spreading malware for 1 year, 2 month, 7 days, 21 hours, 16 minutes)
Host: 31.170.22.205
Date added:2025-03-25 14:36:04 UTC
Threat:Malware download Malware download
Reporter: BlinkzSec
Abuse complaint sent (?): Yes (2025-03-25 14:37:05 UTC to abuse{at}nano[dot]lv)
Tags:DDoSAgent sh ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-07-20dl18sh 3d78483906b8b08d6b394182baac87a25ec3a9cc6830c31ead67eb2962e6cdf6n/aDDoSAgent
2025-05-10dl18sh d0762356f59fdc7f8cea412e5a78cedba99c41bae8a46129df3fc3b512b41b20n/a
2025-05-04dl18sh 954521e325f82ebb57ab869a98cebd2d0e079d701e7b412d2d3da8992c491e0fn/a
2025-05-04dl18sh 08ae1dcaae5dbfbd2f83421ab82fca52e774f1d109a8736fe69ab9462c0dc4c7n/a
2025-05-03dl18sh 04d37a3b45456e34b66d9634ccd361b35c0e0005ca9a80bec691568004b5c0cen/a
2025-05-02dl18sh 598d29b578025ef274ae5799f1e6d76328ea6daabe242fa2cec30f7a70e5627cn/a
2025-05-02dl18sh 7b249875022a4f9dbc1630d74152ef9cc3339006058e1bbbe9ec9ee46d738ff1n/a
2025-04-30dl18sh 5717f68b8efa8c47238bb58647ccaee87df90e86b7cb2753a593d87cd9ec350dn/a
2025-04-30dl18sh 866e9999cd7a18407a43840849ca8ab526df6608a312b32a07e4ea97a9a5c330n/a
2025-04-12dl18sh b00a14a5aa03294f9a2dc5f7e3c8c1d328a87148f1c925f65c960648dda9bd4bVirustotal results 19.67%DDoSAgent
2025-04-03dl18sh f915cf55bf60b94b313155b281c6013fefb32ed2c2f36f753d93ce242873794en/aDDoSAgent
2025-03-29n/ash ca171571e3ce76a965ede48e77e4ed5264bb7a282e78bcd7797c3520001e0d33Virustotal results 14.52%DDoSAgent
2025-03-25n/ash b98d31e991c6240f2484c2688d9491a72a5cb93b904fdde6f33e04b17aca5e94n/aDDoSAgent