URLhaus Database

You are currently viewing the URLhaus database entry for http://193.143.1.32/zerarm5 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3422995
URL:	http://193.143.1.32/zerarm5
URL Status:	Offline
Host:	193.143.1.32
Date added:	2025-02-01 13:38:20 UTC
Last online:	2025-03-10 11:XX:XX UTC
Threat:	Malware download
Reporter:	DaveLikesMalwre
Abuse complaint sent (?):	Yes (2025-02-01 13:39:07 UTC to abuse{at}proton66[dot]ru)
Takedown time:	1 month, 6 days, 21 hours, 54 minutes (down since 2025-03-10 11:33:40 UTC)
Tags:	elf mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2025-03-10	n/a	elf	c767b3204bd8bfde69e411b3d0723f0eef5cf70a8091300cd00c50f4efe84891	41.94%	Mirai
2025-03-07	n/a	elf	a11c7c184bb3c5237c9173a27d8da8b880c171939945216bc4cdabb61d0e0c9d	60.32%	Mirai
2025-03-04	n/a	elf	ac47c4604edb09810626c6754ba9f3cf39f40d71f3c396e7bba1c1214ce3ae95	39.68%	Mirai
2025-03-03	n/a	elf	6da512e859193c326d2e750a5094d80be90874d1ed0d82d9d8c3bcba817a812d	n/a	Mirai
2025-02-25	n/a	elf	b38b66643fa907b877d8bb793ee6eb55d66785727ced56076a35200527869605	40.32%	Mirai
2025-02-01	n/a	elf	c657478f8d696bd163e082bdf17a73cd52dad24de0f0aec82bafe591c4adc20c	n/a	Mirai