URLhaus Database

You are currently viewing the URLhaus database entry for http://160.30.44.120/neon.mipsel which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3561585
URL:	http://160.30.44.120/neon.mipsel
URL Status:	Offline
Host:	160.30.44.120
Date added:	2025-06-12 16:48:33 UTC
Last online:	2025-07-09 11:XX:XX UTC
Threat:	Malware download
Reporter:	NDA0E
Abuse complaint sent (?):	Yes (2025-06-14 09:55:11 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:	25 days, 1 hours, 41 minutes (down since 2025-07-09 11:36:34 UTC)
Tags:	censys elf mirai opendir ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-06-30	n/a	elf	c07f3fb9f3251b3448ddedb0169a4b69d6d614eaaa70bfb1b91a180e812352fe	37.50%		Mirai
2025-06-20	n/a	elf	96a1907c9c68bc50c30348bf2d86ce9aff3edc0c098171fd0d95c48c8e62f9e7	50.00%		Mirai
2025-06-20	n/a	elf	d782eb64f68360ca661ea724b159a0f1f265e3468c37b1019819b9e96a77d24f	54.69%		Mirai
2025-06-20	n/a	elf	62e4fc20a46b47b9a654f745fd57e7a3954577287a13a082e19c9d9530a0b486	54.69%		Mirai
2025-06-20	n/a	elf	36ef1e3bbc3af428fc0e1981a334c236897217854bddaade945646383f11453e	53.12%		Mirai
2025-06-19	n/a	elf	b7d2ed0e54e1523aeddb814937697501e74a178d9994075d40f3710b21683f9b	51.56%		Mirai
2025-06-15	n/a	elf	b93a11614d4be5343d4b9685f823d5d99735b6ec9975f74570d520612abf6a97	n/a		Mirai
2025-06-14	n/a	elf	70100dea8750f52f720a739727cd9b6087e20eba4388bfcb6dcd437946512602	n/a		Mirai