URLhaus Database

You are currently viewing the URLhaus database entry for http://193.143.1.32/bins/zerarm7 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3422972
URL:	http://193.143.1.32/bins/zerarm7
URL Status:	Offline
Host:	193.143.1.32
Date added:	2025-02-01 13:38:19 UTC
Last online:	2025-03-10 03:XX:XX UTC
Threat:	Malware download
Reporter:	DaveLikesMalwre
Abuse complaint sent (?):	Yes (2025-02-01 13:39:07 UTC to abuse{at}proton66[dot]ru)
Takedown time:	1 month, 6 days, 14 hours, 14 minutes (down since 2025-03-10 03:53:51 UTC)
Tags:	elf mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2025-03-10	n/a	elf	a1d4783a0f02214fea4f9554f62dd48a055a8578ed7084d9486989e8d2d807cd	39.68%	Mirai
2025-03-07	n/a	elf	f819eeaa9c04049f917a0197adb9bd72f003a8c7f45099a4831af701901a316a	60.32%	Mirai
2025-03-04	n/a	elf	14c89c6edb52dae4ce413320b8a3f2aafefbd971f4183f472b90c0a059ae75e4	38.60%	Mirai
2025-03-03	n/a	elf	d30ed193503c450c2cdce0222716a8b76e6dd5f41073c11284a1736fc6f0d320	n/a	Mirai
2025-02-25	n/a	elf	0f108c006af418876ca5cf7b4a817a3736e39e262757a2cb3882d87231e4a6ed	n/a	Mirai
2025-02-01	n/a	elf	a6c59e3347982e3f37b9785910af1e6879f24ae91c7461043d86308651a0e16f	n/a	Mirai