URLhaus Database

You are currently viewing the URLhaus database entry for http://103.172.79.74/sh4 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2764830
URL: http://103.172.79.74/sh4
URL Status:Offline
Host: 103.172.79.74
Date added:2024-02-19 21:36:20 UTC
Last online:2024-03-17 09:XX:XX UTC
Threat:Malware download Malware download
Reporter: tolisec
Abuse complaint sent (?): Yes (2024-02-19 21:37:13 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:26 days, 12 hours, 1 minutes Bad (down since 2024-03-17 09:38:46 UTC)
Tags:elf mirai link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2024-03-17n/aelf 7c3275ede26ede41cd9b3d342ab63e1044d1fa2abf57784aa98d3218ef68c01bVirustotal results 65.08%Mirai
2024-03-13n/aelf d4a59b3234d76c91c61a320166cadaf16833418e59ca1cd02b7c28111d7e7e18n/a 
2024-03-02n/aelf a4fc40efe4a920c5a9dc8fcfec9ce8a4fd1924370cad43f40ac7d2ca815a79b1Virustotal results 43.55% 
2024-03-01n/aelf 2439c060180d01b75ab71cd4540412b08a5a62e7bfff1802ae791ed637e33200n/a 
2024-02-27n/aelf 252998a82388e0df00072d4b99fcbd6bba9fa9011f62aabe63ccf24fae65a328n/a 
2024-02-27n/aelf af42c1d1dc7593ce89a2e6459f4532cf948e26bd4b6fc714808dd3158a1e7daen/a 
2024-02-21n/aelf cb37e173a47fdfa44db8227f3a913689f3b422dc298f44f6db8feea852878099n/a 
2024-02-20n/aelf 3f2c2028b62687895d5ee8b14a953181c1cd6b285edcbb2592e31cacb7e9554bVirustotal results 68.85% 
2024-02-20n/aelf f08fe4e136d777369f9963a7baaf60eac86551951758386e6e2aff3b8468af96n/aMirai
2024-02-19n/aelf bf2dfc7c93905cda0fab1a6ea8bad2d67edf5e611976f33974b208afa0a7a820n/aMirai