URLhaus Database

You are currently viewing the URLhaus database entry for http://66.63.187.193/i686 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3568521
URL:	http://66.63.187.193/i686
URL Status:	Offline
Host:	66.63.187.193
Date added:	2025-06-20 08:06:11 UTC
Last online:	2025-08-29 01:XX:XX UTC
Threat:	Malware download
Reporter:	NDA0E
Abuse complaint sent (?):	Yes (2025-06-20 08:07:11 UTC to abuse{at}virtualine[dot]org)
Takedown time:	2 months, 9 days, 17 hours, 47 minutes (down since 2025-08-29 01:54:25 UTC)
Tags:	CoinMiner elf ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2025-08-07	n/a	elf	ee7a31fb0d3c29ca435f08fd147a434c6db921b69d32c8894539a8199b0b15c0	10.77%
2025-07-27	n/a	elf	bba0ee991bfa68321c51c96e696a6d0209bd1c4c3837bd2a458e026082e428c9	16.13%	CoinMiner
2025-07-21	n/a	elf	c14567815527c56614ce826efb5c062a620af7733dec486d331b2e4b471c7b3c	13.85%	CoinMiner
2025-07-15	n/a	elf	f4661f6ee571fadbbb0dcd7371bd047d50a4c751dd849836a1290da1348004b2	n/a	CoinMiner
2025-07-14	n/a	elf	ceb8e519abfdba1a6487e10f7994445275e84e6f1c09ddfb44f8f24da99b13b0	13.85%	CoinMiner
2025-06-28	n/a	elf	306c4e975edd4a95ae67c669cac871c233a5a7dd6591afa963b79304decc45ed	15.38%	CoinMiner
2025-06-27	n/a	elf	56e0cd0f1a7a5d5aa1d408339cecece2e6b51c097c48c3121506747267c451e9	15.62%	CoinMiner
2025-06-24	n/a	elf	dad581567f173b41ab1069ab45f21f1385fcebf94a6da7b66532ddfdfd36e34e	15.38%	CoinMiner
2025-06-20	n/a	elf	7780e72f7dea978946d4615c8db1b239d3e2c742cfc8be2934006b1fd6071110	53.85%	CoinMiner