URLhaus Database

You are currently viewing the URLhaus database entry for http://45.118.79.103:8892/tftp which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	2909310
URL:	http://45.118.79.103:8892/tftp
URL Status:	Online (spreading malware for 1 year, 5 month, 10 days, 10 hours, 55 minutes)
Host:	45.118.79.103
Date added:	2024-06-27 18:50:23 UTC
Threat:	Malware download
Reporter:	NDA0E
Abuse complaint sent (?):	Yes (2024-06-27 18:51:22 UTC to irt{at}ezecomcorp[dot]com)
Tags:	elf tftp

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT
2025-04-26	n/a	elf	7b0ba2db25a9cd331cd5ac53d49580034f14219b719a8ae19647e384767b7574	30.16%
2025-04-22	n/a	elf	fb86b1ae70f7b067b400ad62b93e2bd2817d554ce22f2ca4c30535dcf2fd02ab	29.03%
2025-04-19	n/a	elf	14d98bed983d31163462f604ee2cdd6be8a25d1eed8105a9062bba391997405a	31.25%
2025-03-10	n/a	elf	df12b303824b9bcefb1ce78d1c30e6194a8ac870550957f9e45425122da5f99b	30.00%
2025-03-05	n/a	elf	f931c8265cbac0be9f645cad83be86d386469471d9bfc64c6c149782093ea0e4	n/a
2025-01-15	n/a	elf	704f8fbbd5160a3574f57c84cc1659eb294a27253ea86d6319199f0140d4dd7b	n/a
2024-12-29	n/a	elf	bb317a1016e94b735b199cf501493795917859286a906aae4fe5c4a4c10a41c2	n/a
2024-12-29	n/a	elf	d1c31f1f568ee91a71892b522aebd5ce3690f8c5d05cb79e2b3a37b18a20e4dd	17.91%
2024-10-28	n/a	elf	d8332267b97104558310187113772b222046507d27bfba9f6148157698127f39	n/a
2024-10-24	n/a	elf	829f76e09c6e3a92735fd324c0295e27cab04b8d4671d2eaa79c4579fe6b95c0	23.08%
2024-10-10	n/a	elf	9590e45c8752e47194201003565309b4b2023d340a3800ac15808b4141e18bec	21.54%
2024-07-18	n/a	elf	329ba74dc0bef00974d474d15b3d782a6de33e2ce67f78c7db6a296ad6e6c0e3	n/a
2024-06-27	n/a	elf	9b66676da9413803e42cb2efda1bb76084cdf89d40f503a6716f4eb719ac972f	27.27%