URLhaus Database

You are currently viewing the URLhaus database entry for http://87.246.7.66/bins/mpsl which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2798918
URL:	http://87.246.7.66/bins/mpsl
URL Status:	Offline
Host:	87.246.7.66
Date added:	2024-04-02 08:09:05 UTC
Last online:	2024-04-05 10:XX:XX UTC
Threat:	Malware download
Reporter:	BlinkzSec
Abuse complaint sent (?):	Yes (2024-04-02 08:10:15 UTC to abuse{at}4media[dot]bg)
Takedown time:	3 days, 2 hours, 29 minutes (down since 2024-04-05 10:39:36 UTC)
Tags:	elf gafgyt mirai

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-04-04	n/a	elf	ffb6c0c9e81d10c9c57dd4513ce03c0de4b2025d3e611156caac2fb098c8fb16	n/a
2024-04-04	n/a	elf	b646653f3b9c97c44f6663b03c29daec205b9123ddea43b176db23aee425a4e6	n/a	Mirai
2024-04-04	n/a	elf	8dfa1048c2d942c3f0f56ae32c75d8faa293135916327214f370978de31da41e	n/a
2024-04-03	n/a	elf	58f8d4d7264945b3af7c46e45dd2b69390cc6ad718a68143f3ef9b15c57e1fb9	n/a
2024-04-03	n/a	elf	4c8ea6b947f98de8928b528340c77f085aef5c7539a704cae3c3a6ebd223ad32	20.63%
2024-04-03	n/a	elf	4ff0c418b636125fa295ea4467507db85e2ee19c38b1bf921e75fb3f217fae68	61.29%	Gafgyt
2024-04-02	n/a	elf	d645d1485791ebaa963a387884f46099fdfb9ec1e6d520d2f8f154efd799d4e8	19.67%	Mirai