URLhaus Database

You are currently viewing the URLhaus database entry for http://bayerngrow.com/rep.arm5 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3423344
URL: http://bayerngrow.com/rep.arm5
URL Status:Offline
Host: bayerngrow.com
Date added:2025-02-01 19:30:07 UTC
Last online:2025-04-15 07:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Status unknown
Cloudflare :Blocked
dns0.eu :Not blocked
ProtonDNS :Status unknown
OpenBLD :Blocked
DNS4EU :Blocked
Reporter: DaveLikesMalwre
Abuse complaint sent (?): Yes (2025-04-14 21:51:07 UTC to abuse{at}virtualine[dot]org)
Takedown time:3 months, 7 days, 14 hours, 41 minutes Bad (down since 2025-05-10 10:12:24 UTC)
Tags:botnetdomain elf mirai link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-05-09n/aelf bd217c8183e073f002c0de1309461d1c0d5fcf0f1a45afbb2f695bb07997c7a2n/aMirai
2025-04-17n/aelf 5682ae46740e9fa332412a91253c42b660d28f0b787808bc8f035d8d01d00cabn/aMirai
2025-04-14n/aelf 38e4d384edc7fd7b875df3d6cf74f2a877ac03164ee35f3afc5869ca1e66b397Virustotal results 52.38%Mirai
2025-04-03n/aelf c4803099c72aeb8a6c33268871c551654cd32cbadc2bab1e6df15d8395b2bba8n/aMirai
2025-02-01n/aelf d6acfa3d75837e01da10d98fe7426cb89c5f84777e25feb9caa69b71463de3f3Virustotal results 19.35%Mirai