URLhaus Database

You are currently viewing the URLhaus database entry for http://107.189.13.118/Mips which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2041796
URL:	http://107.189.13.118/Mips
URL Status:	Offline
Host:	107.189.13.118
Date added:	2022-02-12 20:02:06 UTC
Last online:	2022-02-18 14:XX:XX UTC
Threat:	Malware download
Reporter:	hamz010
Abuse complaint sent (?):	Yes (2022-02-12 20:03:17 UTC to admin{at}frantech[dot]ca,fdias{at}frantech[dot]ca)
Takedown time:	5 days, 18 hours, 22 minutes (down since 2022-02-18 14:25:47 UTC)
Tags:	gafgyt

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-02-18	n/a	elf	d031ccff0f469a6e012f3bb219abc4c3109a03db3a1843c57e7f8347f243b201	48.28%
2022-02-15	n/a	elf	2ebe51616fd5ae107a741fcf4e49f3f059ea59b986e8d0b7f787bd2eb3011ac5	61.29%	Gafgyt
2022-02-15	n/a	elf	8303301d11b8a8cd955e5c6fb173a3629bc12a3c41ef26a84ccf958b46f5079b	n/a
2022-02-15	n/a	elf	b92293886392f55a4b6c1ca7cd442245749f681b061d18748914f9182c8fb7e4	54.10%
2022-02-13	n/a	elf	9e1e4965daaccc59995afd6ae26275096c16ec3e385c22a30bb6dcf9b43aa071	n/a
2022-02-12	n/a	elf	8e841953e5c6086a865a4cfd177a7dc05533978f94d2ad40b7a01e981c6648ea	n/a