URLhaus Database

You are currently viewing the URLhaus database entry for http://traxanhc2.duckdns.org/neon.x86_64 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3560554
URL:	http://traxanhc2.duckdns.org/neon.x86_64
URL Status:	Offline
Host:	traxanhc2.duckdns.org
Date added:	2025-06-11 04:33:18 UTC
Last online:	2025-07-05 10:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Status unknown
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Not blocked
Reporter:	BlinkzSec
Abuse complaint sent (?):	Yes (2025-07-05 07:44:09 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:	24 days, 5 hours, 56 minutes (down since 2025-07-05 10:31:05 UTC)
Tags:	elf mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-06-30	n/a	elf	92a79801513ef6941ab613b53691339d35bda1a353414009bc9a4a75d4e34b66	40.00%		Mirai
2025-06-20	n/a	elf	4b9c40b0049d3c9b46ce2578579bbd334bfeb12fe4184baf387a1f3ccb952d2b	52.31%		Mirai
2025-06-20	n/a	elf	0749e85bc5e9dd55c48ef5a4d15b16630450663d81087b131c477994161c121c	n/a		Mirai
2025-06-20	n/a	elf	34d705ada75c665494aecd6ffac896940eaf9ddc1c1fe0b0db7c9e0f37d119a2	n/a		Mirai
2025-06-19	n/a	elf	9ba9f2ba8062309049f14f3a3a8ff50b363cf7a1a1a9b5e30a8ec8ca79c62fda	n/a		Mirai
2025-06-15	n/a	elf	6fdb01658e57d04b2a32ffd64800bed60e9751b979114b8516b9bbed0bccb32b	n/a		Mirai
2025-06-15	n/a	elf	1f14695d0ddc5bd88f0f04f3f26c1a8bff3e770c1c5e14a255d96fc5bfe18f9c	n/a		Mirai
2025-06-11	n/a	elf	80326856be566072ffd98509f60baab38204b77db3b5428dcf7d8f2c69556b73	43.64%		Mirai