URLhaus Database

You are currently viewing the URLhaus database entry for http://traxanhc2.duckdns.org/dwrioej/neon.sh4 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3543230
URL: http://traxanhc2.duckdns.org/dwrioej/neon.sh4
URL Status:Offline
Host: traxanhc2.duckdns.org
Date added:2025-05-14 08:31:10 UTC
Last online:2025-06-09 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Status unknown
Cloudflare :Blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Blocked
DNS4EU :Not blocked
Reporter: BlinkzSec
Abuse complaint sent (?): Yes (2025-06-09 09:28:08 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:1 month, 21 days, 14 hours, 48 minutes Bad (down since 2025-07-04 23:20:14 UTC)
Tags:elf mirai link ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-06-30n/aelf b6d6ac4bb29f671fd57e2168e944c1d00045933fb27b182e1eec65f088978e60Virustotal results 39.06%Mirai
2025-06-20n/aelf ab3e336110aad0ede86c32b96b2ad793947f239e5382fb4b833bd78d991f4a47Virustotal results 51.56%Mirai
2025-06-20n/aelf 0c50f9fa5dcdb0b982c3c06ac649b3fcc37d64b72f280142488d05c4a12934b2Virustotal results 54.69%Mirai
2025-06-20n/aelf 9a9288cc28be565d2c05d00df5d90d2dea1ed20727ac276fd1a8fabf6edeef57n/aMirai
2025-06-20n/aelf dbfc053b482ac9ff85df8102d8f34717986a4fd6a4d02b17d230c96fac111f4cn/aMirai
2025-06-19n/aelf cccd6fb7290fc3f4a1dc50506839b08cf7b9ca6dfd200da19d129ed8d525d33aVirustotal results 54.69%Mirai
2025-06-15n/aelf dafcf42a7ab23f8e343f69243cb7c49bc38f89ee59c3deed037e67edea48c187Virustotal results 55.56%Mirai
2025-06-15n/aelf 2293ebb4321bd33a212aadb25311f2aa664f8044f13de968cc60497a890891aaVirustotal results 54.69%Mirai
2025-06-14n/aelf b4d74f269a513737e528c61e6dafe8ac57fc301cfc9a0457a985a53a0398a68eVirustotal results 56.25%Mirai
2025-06-10n/aelf 8cd3a75d1b196a6e07369f891063a571a4d06b59a4e98ba84ff9ebfab76a0a05Virustotal results 53.97%Mirai
2025-06-09n/aelf 447762c0ccfb6e14c091b710b2982711ec6c51048f9f1235e9777f6187b5a395n/aMirai
2025-06-08n/aelf 44756d9dd3e7ba30ac6432c0d59920864d23def02ab9fb6b4924229c5b7a1443n/a 
2025-06-07n/aelf b79a1b809cc5bf3dbf94f0dbbfa6d64c07ae3d5e88bb1cfda31752680d830e05Virustotal results 52.63%Mirai
2025-06-05n/aelf 51173d1b2d5de078ef2239673c264080a4d6f955308ac305e9d1d0d8b56a40d4n/aMirai
2025-06-01n/aelf 2498c1dfe0cc8732afddbec689e88ab6e39808be3c5434379a13c6ed5ec9e590n/aMirai
2025-05-22n/aelf 72c3c2a7cf9c5764f7f3bc15678c9be9215a0f6c0f2450695328abf88a02acacn/aMirai
2025-05-20n/aelf 392babcabddcb1042ab372a2cd495d6781fbaded1445ecfa8d112622d8da61aaVirustotal results 59.38%Mirai
2025-05-17n/aelf ef5998fa631e062c7a11554ec6378d707063d7b108f6d2fe0863428fe9d0b428Virustotal results 59.68%Mirai
2025-05-17n/aelf 43cf445e9a19039e362722a54848f8ca70420886b2a757cff0d5b32ea9f5b280n/aMirai
2025-05-17n/aelf 43624d08b8074164264e44755b0e76a187f3cd08606988d15f40ecbff422dbd7n/aMirai
2025-05-17n/aelf 0259702ffa5c8f2b0e6a93a8ec0cbb25a220ab3e3d4ea843ea9e7145f2217b28n/aMirai
2025-05-16n/aelf 5cfe957cdd287173203f190b1c695d99324ef3313d353c93afff575f97a9b815Virustotal results 58.73%Mirai
2025-05-16n/aelf 21d7e0768f1bb6b67e0f542fabad827d4941ffb629bb475c474414801afd7153n/aMirai
2025-05-15n/aelf 9064d99cea4e71cf129afcf95689ca43c21b4081411fdad13b85dde41bd3badcVirustotal results 59.68%Mirai
2025-05-15n/aelf 4456fdec73406f6ccec1a8639957b063e2f8001072fa3c018abe60bbb527445eVirustotal results 58.73%Mirai
2025-05-14n/aelf 5fca14f0c5c5514466beb31d72dee5893b00c96f3f25801cca140ea1c83eea32n/aMirai
2025-05-14n/aelf 521a70232e8dbe977cbe72b823cae833ec03a527b110f0ed0287949cb347180bn/aMirai