URLhaus Database

You are currently viewing the URLhaus database entry for http://103.174.73.190/tajma.x86_64, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2818186
URL: http://103.174.73.190/tajma.x86_64
URL Status: Offline
Host: 103.174.73.190
Date added: 2024-04-19 10:38:09 UTC
Last online: 2024-05-13 15:XX:XX UTC
Threat: Malware download
Reporter: abus3reports
Abuse complaint sent: Yes (2024-04-19 10:39:04 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time: 24 days, 5 hours, 7 minutes Bad (down since 2024-05-13 15:46:28 UTC)
Tags: elf, gafgyt, mirai, skyline

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
