URLhaus Database

You are currently viewing the URLhaus database entry for http://45.125.66.90/arm5 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3305153
URL:	http://45.125.66.90/arm5
URL Status:	Online (spreading malware for 1 year, 0 month, 18 days, 8 hours, 37 minutes)
Host:	45.125.66.90
Date added:	2024-11-26 12:33:06 UTC
Threat:	Malware download
Reporter:	Gandylyan1
Abuse complaint sent (?):	Yes (2024-11-26 12:34:10 UTC to admin{at}serveroffer[dot]lt)
Tags:	ddos elf mirai

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-12-08	n/a	elf	788e47fcc1f7e85da5b575ddeb98980fafc9cab532c378855556d679da2a59be	59.38%		Mirai
2025-08-19	n/a	elf	5850e0c4ff26973e6ff35c49aee574328d2342966ea96318f4b4ed61c7e8ef86	n/a		Mirai
2025-08-18	n/a	elf	8359528542f4b54d754a864e5affa23ef60d54e319deda220f52d9a9138216e6	n/a		Mirai
2025-08-18	n/a	elf	34c73356a072038100195ca6da0e172b6657b169911e49ed797167027bf0a8a8	n/a		Mirai
2025-08-14	n/a	elf	f7adca8fa8c5cf59567c026045a2ec8b4c419b0aa3250dd50dd5c06fbb05b7af	44.44%
2024-11-27	n/a	elf	9b15b0254a4becfab3b3842cdf6c46a27de624c4985e4e08c4d58d43e9db082d	n/a		Mirai
2024-11-26	n/a	elf	9a7e77eff17b6bab95e53989adca31512823cf0c92a342a1b7e2ca445d9bb560	53.12%		Mirai