URLhaus Database

You are currently viewing the URLhaus database entry for http://137.220.194.112/c/kt8 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3531155
URL: http://137.220.194.112/c/kt8
URL Status:Offline
Host: 137.220.194.112
Date added:2025-04-30 18:29:13 UTC
Last online:2025-05-14 08:XX:XX UTC
Threat:Malware download Malware download
Reporter: NDA0E
Abuse complaint sent (?): Yes (2025-04-30 18:30:09 UTC to cs[dot]mail{at}ctgserver[dot]com)
Takedown time:13 days, 13 hours, 31 minutes Bad (down since 2025-05-14 08:01:31 UTC)
Tags:censys elf mirai link ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-05-14n/aelf 6c97dbed3fba576dc263ed38ae0987f80764e33385537413c6e91b5d6cf7b762n/aMirai
2025-05-13n/aelf 2afedaebbe06ccb30b19caef7396042bdbb495e18fb3538caba39a4eac673f0cn/aMirai
2025-05-09n/aelf 7f690fa223e58660e964c7e077f117611b363b0355ffc2676fb68c8afa4ad0c9n/aMirai
2025-05-09n/aelf 79e57945bfb83560858f4ff38b51a745e73d547cf718e16b27c2abf7d240d93en/aMirai
2025-05-08n/aelf 150a403723a499eec8e785fc018cae0e017e678da061675069092868f9c97eb0n/aMirai
2025-05-07n/aelf 140cab1e33fb203f0bf90f8d46693394209e3337874635845c34650a08aef3ban/aMirai
2025-05-07n/aelf 05661b9c98444b95c0c99835f8fd95f4ddcec3ef8ec93d29ada99c07c984ad84Virustotal results 58.73%Mirai
2025-05-07n/aelf 3d671dd6df29d94251766641994626f5f225cbcd2d0ad77e105cdb5336227e25n/aMirai
2025-05-07n/aelf c54d2b77d31060eebaa28d3a5b7dca31844db55614bd808e08bead7894c56c87n/aMirai
2025-04-30n/aelf e2433af518717a5895314f4cceb735e5e7b25749b118d1f31bbc9228f7210028n/aMirai