URLhaus Database

You are currently viewing the URLhaus database entry for http://137.220.194.112/c/kt6 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3531152
URL:	http://137.220.194.112/c/kt6
URL Status:	Offline
Host:	137.220.194.112
Date added:	2025-04-30 18:29:13 UTC
Last online:	2025-05-14 08:XX:XX UTC
Threat:	Malware download
Reporter:	NDA0E
Abuse complaint sent (?):	Yes (2025-04-30 18:30:09 UTC to cs[dot]mail{at}ctgserver[dot]com)
Takedown time:	13 days, 13 hours, 58 minutes (down since 2025-05-14 08:28:25 UTC)
Tags:	censys elf mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-05-14	n/a	elf	3a226944d579b8c9adb98830fd1b3d7c9bb07ce69dc21e4b8851b48cc4fb62bf	n/a		Mirai
2025-05-13	n/a	elf	09277d624b5f65294135ca7518faa0b35c63907dcc596b9ba6e2a337e0250a19	n/a		Mirai
2025-05-13	n/a	elf	346c9c72f9903d99e6d268e95ded15a05774d28f042767b5e53b00a138838592	60.32%		Mirai
2025-05-09	n/a	elf	ef5f9308e0dfe1945704a1f6ea6f57bf6d22565d73229e8ca23fb480ebc68be4	n/a		Mirai
2025-05-09	n/a	elf	6a50d308eabb6f68fa21d77681c54d15eb67054bed54b4f7fe3cae1f12319a4c	n/a		Mirai
2025-05-08	n/a	elf	d556784b2302bcf5ec18c58628c2ab1b51c6fa33775e5faf58878ca794243648	n/a		Mirai
2025-05-07	n/a	elf	74d9ac3f22eaddc8e652f91fa88ab65f93ac8b0d61965f2143e884c8c8ee3112	62.90%		Mirai
2025-05-07	n/a	elf	fd3fe16519931ead732a099c90cb95a33791a89c6df110c567259373745e8cb5	60.32%		Mirai
2025-05-07	n/a	elf	b03bee1c7d48b7a8060ac465caeea9da0ee042952a441b997cf780b4a57c2984	n/a		Mirai
2025-05-06	n/a	elf	9ee2d7ef759ea5b3e78a036a74700c5a2882b72753143e04f9e50efbeeee03fa	n/a		Mirai
2025-04-30	n/a	elf	1e6bd1465da30ca879d1bad00075cf262515e8dc485a2ef14ec38bc12d13e0c6	n/a		Mirai