URLhaus Database

You are currently viewing the URLhaus database entry for http://42.112.26.36:8080/sh4 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3469448
URL: http://42.112.26.36:8080/sh4
URL Status:Offline
Host: 42.112.26.36
Date added:2025-03-06 13:27:04 UTC
Last online:2025-04-07 20:XX:XX UTC
Threat:Malware download Malware download
Reporter: NDA0E
Abuse complaint sent (?): Yes (2025-03-06 18:10:08 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:1 month, 2 days, 2 hours, 25 minutes Bad (down since 2025-04-07 20:36:06 UTC)
Tags:elf gafgyt link mirai link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-03-29n/aelf 101e8768f93229049409ef45728faeecf0d24ef2687d94a59e8e46333b8ebb24n/aGafgyt
2025-03-28n/aelf 516eea0baebfc28f809f54c08f864ff2995a2b9567088512d36bf5840489bfdbn/aGafgyt
2025-03-28n/aelf 31e09f3cf5546c2700367e3281eae724664fa8a89df8bee85317806c46f0bbbcn/aMirai
2025-03-26n/aelf 6222b29b7bb329ad6852c928f369803f11d17dc8254b0501ace918c4db9900b9n/aMirai
2025-03-25n/aelf 2906c97a9f3b62c4cb888aafefd5a6a7e5a993486fcadd7177bb40505ea7c08cn/aMirai
2025-03-24n/aelf de54d3fae5f0b8f38983bf2b2cf9af35384ec965e3e8b7d1b5651af4b20ee01bn/aMirai
2025-03-24n/aelf 1dba1a8c426e1d595069c22a485d8fea6ce716c9499a2b75ef923604adaaa4ben/aMirai
2025-03-24n/aelf 93556aeaa68a595ccefb2c63f007ddac6980793b7b85777e46a4b33be8b7f0ccn/aMirai
2025-03-20n/aelf 3dc6298bbf1922c1d5c6d34f9a45fa0ce297c5438ec63fdfdcd562b1732ac6acVirustotal results 25.40%Mirai
2025-03-18n/aelf e15e7b19083341ee80f69162e83be1432b3dcb68548d4bbb0de86988d4ebcdb9Virustotal results 12.50%Mirai
2025-03-15n/aelf 81d4410cba96bff795ee66e5eaef845179dba713ddaf7a30f8c403ab5bb967f2n/aMirai
2025-03-11n/aelf 0e7eb62f94c35407d91b9a0cab4b733690ffc440dc35caef95cf58be7517931en/aMirai
2025-03-09n/aelf 687ca2ff1a9e1f4f579a77db0275ffcdb1660e2703f2bf37b1fbe17b6a09227eVirustotal results 22.95%Mirai
2025-03-09n/aelf 49d025bbbc67c743d6749817f9320f663d533aa049439b16b9c740bfafd18c16n/aMirai
2025-03-06n/aelf 96a79ec6c175770129ee40584cae4df3650b85b3d1e9b7fb2afc925d2704f39bVirustotal results 41.27%Mirai