URLhaus Database

You are currently viewing the URLhaus database entry for http://cbot.galaxias.cc/hiddenbin/vision.arm which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3506594
URL:	http://cbot.galaxias.cc/hiddenbin/vision.arm
URL Status:	Offline
Host:	cbot.galaxias.cc
Date added:	2025-04-10 12:00:08 UTC
Last online:	2025-04-21 11:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Malware domain
SURBL :	Blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	DaveLikesMalwre
Abuse complaint sent (?):	Yes (2025-04-10 12:01:06 UTC to abuse{at}dolphinhost[dot]net)
Takedown time:	10 days, 23 hours, 14 minutes (down since 2025-04-21 11:15:29 UTC)
Tags:	botnetdomain elf mirai opendir

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-04-21	vision.arm	elf	2284e131206da4ed3235b84d5754d51bb637c2874826061414d83f30d6c97b90	n/a		Mirai
2025-04-20	vision.arm	elf	725db52ba8e190bfae423b91e5cab68028e41c29189c2709c6dbbbad67f6e281	n/a		Mirai
2025-04-19	vision.arm	elf	6bd54cde785149a941804cc880a18a8c11b1877bade72724c46fd718bf5ed71e	n/a		Mirai
2025-04-19	vision.arm	elf	4c6fb951acb58c5b7f17ca03a16ddf8fe38927f4ca9f0ffc6833bdbaff47344d	27.42%		Mirai
2025-04-13	vision.arm	elf	824466932bc034a2a81590e98edcbc6155aa40ee4d5d3f4a58714f4a9ee81d3e	n/a		Mirai
2025-04-12	vision.arm	elf	bc2219d612bef1f6544a330502b08995f2c3a181bb49fe04742a8263db59059f	26.98%		Mirai
2025-04-11	vision.arm	elf	299e31ea44393990f5adcdaabad167215a16e95a7429966dbaeccf266307b90f	25.00%		Mirai
2025-04-10	vision.arm	elf	b2d919434108f9d4252bc50f03d1c25ade3d0460ec662e5dd909e0c5f007f996	n/a		Mirai