URLhaus Database

You are currently viewing the URLhaus database entry for http://85.95.173.28/main_ppc which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3273907
URL:	http://85.95.173.28/main_ppc
URL Status:	Offline
Host:	85.95.173.28
Date added:	2024-11-03 13:29:13 UTC
Last online:	2025-07-23 23:XX:XX UTC
Threat:	Malware download
Reporter:	redrabytes
Abuse complaint sent (?):	Yes (2024-11-03 13:30:19 UTC to abuse{at}rt[dot]ru)
Takedown time:	8 months, 22 days, 9 hours, 53 minutes (down since 2025-07-23 23:23:31 UTC)
Tags:	elf mirai

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2025-01-25	n/a	elf	5f351cdb93682f02d9131c5e0f42618b70a5e2aec09decfccdd4d8b372e12078	n/a	Mirai
2025-01-19	n/a	elf	a8a5c72cea2906bf5e4526a94b2d2e48929d936911d3b3e51c8c29e774989c57	n/a	Mirai
2025-01-09	n/a	elf	155af3416aa26d6d4b2b002a96d3f081a53a40881d7a74bf1cdbefba39487e76	n/a	Mirai
2025-01-09	n/a	elf	a1994df67d84c8dee8135ac68891ddfa6a665001d685d9675105587d5d4d566b	n/a	Mirai
2025-01-09	n/a	elf	825d9e375cc8238ddfaa7cfc21749928816a945ab857ca954329e6753b6bfc21	n/a	Mirai
2025-01-08	n/a	elf	9aa33aa82b8616a14f0d49e28fb3f65471917d48d7c83e5a658f5823677a8bac	n/a	Mirai
2024-11-03	n/a	elf	99130ac02dc0d8930cb61ecd8fc9e8358cb20d5a6573eb15f9b1cecc658a8117	n/a	Mirai