URLhaus Database

You are currently viewing the URLhaus database entry for http://154.205.128.91/arm5 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3469823
URL:	http://154.205.128.91/arm5
URL Status:	Offline
Host:	154.205.128.91
Date added:	2025-03-06 21:09:05 UTC
Last online:	2025-04-16 14:XX:XX UTC
Threat:	Malware download
Reporter:	ClearlyNotB
Abuse complaint sent (?):	Yes (2025-03-06 21:10:07 UTC to abusepoc{at}afrinic[dot]net)
Takedown time:	1 month, 10 days, 17 hours, 31 minutes (down since 2025-04-16 14:41:07 UTC)
Tags:	elf gafgyt mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2025-04-14	n/a	elf	d6ba7f1d51072b5d2464a386af1ec2eb4ad42b853eba8f3acbe903272a5653ee	n/a	Gafgyt
2025-04-14	n/a	elf	3a5c86a7631f29a6f599ef74a218dfcc9291aa525cd36fd06d2650364dd1b8d2	n/a	Gafgyt
2025-04-13	n/a	elf	a4c7e43308dacca54cd80d82071cb5a997d5c9198be94d14925389da05d62455	n/a	Gafgyt
2025-04-12	n/a	elf	73fd00967c1147471e81ae12ef58366ff79ae8afdbb15d2f619af6fe5a454d64	n/a	Gafgyt
2025-04-10	n/a	elf	63b0fa0da0eea5b58b37afca28c569a72f57d821aae8307838c82403bb3c9f3e	n/a	Mirai
2025-04-06	n/a	elf	3b7de09d48ff82ea1e92a3bdc478d34d48d749075abc2dd2470c99e320280171	n/a	Gafgyt
2025-04-02	n/a	elf	3db8ba259d2aea79d95aaa9ddb8f5d5fb45e7122b98ab150992506a64daecb6c	n/a	Gafgyt
2025-04-02	n/a	elf	eb09fec08cf6ce8e7739472573f5ad429e81c7cbb407cf298c6806d035418907	n/a	Gafgyt
2025-03-28	n/a	elf	a7a278d39918be69432f1d35f37fb29c206a3199df8798d96a27bbb1260fa1d2	n/a
2025-03-25	n/a	elf	e5541948a3473ad68e3a9dcca94ab31285bd8a52fca8220a4f61992dc09ddedc	n/a	Mirai
2025-03-25	n/a	elf	6091a6e498573cf7d614ee609dc12da058618528d931b814ca825334bd369549	n/a	Mirai
2025-03-25	n/a	elf	39ce3cf1eadeabf767236654d1228b5c3236daf05032d1dff5e8e16f74dbfb7a	n/a	Mirai
2025-03-24	n/a	elf	c9e5b60a85265de303dc4325edb9aa697eafa6f6da9ea4de3eb3efcd061a38ff	n/a	Mirai
2025-03-24	n/a	elf	76905f12e9ff6d8219316cbe0aba9b30e4bba53df354d25985bf93236c3c52cb	n/a	Mirai
2025-03-21	n/a	elf	ce78ed6e7ccb04010f12f4b903fb7e8566b75c76cf8a0b29810ceb14beebada5	n/a	Mirai
2025-03-14	n/a	elf	10688103269834c5593f31d4a5055ae1f9fb1ecd4a481cd9a1a59ba51694fd3c	18.75%	Mirai
2025-03-11	n/a	elf	378410eeefa84de9d39d3ef8df7aef258b12854e86cabf673f854f6048f68240	n/a	Mirai
2025-03-09	n/a	elf	eaaed6f12dca54b40d74e2d015663c478b1e6b47aa21c41a067c9829997c3fc0	20.63%	Mirai
2025-03-09	n/a	elf	51c964fba1c02c03ead1f1308dfd58f689b0802b71a6de8e4bdf31e920ddcb21	19.35%	Mirai
2025-03-06	n/a	elf	4d7fc97f9adf356f3ffa14c86ed7d424e8f00ecac52a323fecfab85418d76440	n/a	Mirai