URLhaus Database

You are currently viewing the URLhaus database entry for http://12.196.184.34/tftp which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2908909
URL:	http://12.196.184.34/tftp
URL Status:	Online (spreading malware for 1 year, 5 month, 11 days, 11 hours, 44 minutes)
Host:	12.196.184.34
Date added:	2024-06-27 06:39:41 UTC
Threat:	Malware download
Reporter:	NDA0E
Abuse complaint sent (?):	Yes (2024-06-27 17:15:12 UTC to abuse{at}att[dot]net,hostmaster{at}arin[dot]net)
Tags:	elf tftp

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-04-04	n/a	elf	17dd89e1358559600232429ce26ed45c1a37d9fb9bd7226e6b1974c1c6bf7d0b	16.67%
2025-03-27	n/a	elf	829f76e09c6e3a92735fd324c0295e27cab04b8d4671d2eaa79c4579fe6b95c0	31.25%
2025-02-24	n/a	elf	d7cf856594765c67bb13dae673a1a2f2122f7b24555b76a62216a20a3237bf4c	30.16%
2025-02-01	n/a	elf	05f533f4b35fab2f4db88afd937c01487cfdb9ebf5943f6637fceabf5489762b	27.42%
2024-11-15	n/a	elf	0e771450ede22c9001e33926c6e6ba12b90ebb6f624fdd9d24c7b6de224895e2	n/a
2024-11-15	n/a	elf	049db4f64d8c7a311c8fa72e20795c5ca85eb7803d43dc2df16fbb892976fe3c	20.63%
2024-11-09	n/a	elf	37cd7332058f313aeac8637308498dead58f044aa70e4d58f5ec2a5134169d41	34.38%
2024-11-07	n/a	elf	7b0ba2db25a9cd331cd5ac53d49580034f14219b719a8ae19647e384767b7574	23.44%
2024-11-04	n/a	elf	c5590232becfc7b5ef5c6b95abeb894e7f870d2175d31aaf9bf1cae4289552c1	25.00%
2024-09-05	n/a	elf	11b525b50e49ae6a9eb29b5607e19bfec45b5cb74a5c8c6acea5fae6de96b07f	n/a
2024-07-24	n/a	elf	df12b303824b9bcefb1ce78d1c30e6194a8ac870550957f9e45425122da5f99b	14.29%
2024-06-27	n/a	elf	9b66676da9413803e42cb2efda1bb76084cdf89d40f503a6716f4eb719ac972f	27.27%