URLhaus Database

You are currently viewing the URLhaus database entry for http://45.125.66.56/arm7 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3464193
URL:	http://45.125.66.56/arm7
URL Status:	Offline
Host:	45.125.66.56
Date added:	2025-03-03 12:33:05 UTC
Last online:	2025-09-28 03:XX:XX UTC
Threat:	Malware download
Reporter:	NDA0E
Abuse complaint sent (?):	Yes (2025-03-03 12:34:07 UTC to admin{at}serveroffer[dot]lt)
Takedown time:	6 months, 28 days, 15 hours, 13 minutes (down since 2025-09-28 03:47:44 UTC)
Tags:	404 censys DEU elf geofenced mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-09-02	n/a	elf	b772d55640399dee9b277a0ffd7ef8f65bb87363dbfdd0634cb88328528f369d	17.50%		Mirai
2025-09-02	n/a	elf	f863baaa35bf5e411e5e0a522a8b9d0ac6cdd07f7a5e89c95485431cd6abff22	21.88%		Mirai
2025-09-02	n/a	elf	ab6006033ba1a1cb942c18c8d274eab7536add2e4848e37a6b52c8d0fbaad80f	n/a		Mirai
2025-08-31	n/a	elf	77b61b321e2a73ad59b88fa6a484f840fc27df53c5127929e06b964bd5a855b0	n/a		Mirai
2025-08-30	n/a	elf	012c48576b5d0a5dd47c45695d8e1c01497e103f765d535bb46859e573d8da5b	n/a		Mirai
2025-08-28	n/a	elf	9c194d36f4e4e0578c5c5224ea44a3d87f96b474dc21c176c6e057f00683bebd	n/a		Mirai
2025-08-27	n/a	elf	427b34c99f24b080aad1ccf5ffda1949b31f0e45be1da5bcfab620f0cd9cd64c	21.88%		Mirai
2025-08-27	n/a	elf	b5d6e2a3056504592a2ba8ba418ac39a4df24d531d3e4ed25836fe417b7ff89c	17.19%		Mirai
2025-03-03	n/a	elf	1c29333336704e3c6945e2cdf52b5ec6853c828c672daf9cce7a9b620de13367	25.40%		Mirai
2025-03-03	n/a	elf	65861bc1580a1aa28f46d285a74d2ca56ac7e9ca5c75cfe346ae592defe7abd5	n/a		Mirai