URLhaus Database

You are currently viewing the URLhaus database entry for http://185.244.36.221/arm6 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2902473
URL:	http://185.244.36.221/arm6
URL Status:	Offline
Host:	185.244.36.221
Date added:	2024-06-23 11:41:07 UTC
Last online:	2024-06-28 20:XX:XX UTC
Threat:	Malware download
Reporter:	BlinkzSec
Abuse complaint sent (?):	Yes (2024-06-23 11:42:05 UTC to abuse{at}spectraip[dot]nl)
Takedown time:	5 days, 8 hours, 54 minutes (down since 2024-06-28 20:36:49 UTC)
Tags:	elf geofenced IND mirai

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2024-06-25	n/a	elf	11bc332880279bb5dc6f02700fabf300b7376ae92de6f6ce2ce38f5bafc5e7b7	n/a	Mirai
2024-06-24	n/a	elf	ba08e92d3db4f86a4e429c5822d321c39ff7e8b5f3e2801466774868dccf7881	13.64%	Mirai
2024-06-23	n/a	elf	aadc3806db53fddbd6dce29ad93e39815cec6df3ab93517a8880091c1d5d6828	n/a	Mirai
2024-06-23	n/a	elf	374c575119049442f4af91e9b7f3552041f030d2fcd78d5a423c04dafe104e4d	40.91%	Mirai
2024-06-23	n/a	elf	0ce76d05c434261c6f7adfb0b436e4a40e686a8cf0e1de75522dcfbe24ee16e2	40.91%	Mirai