URLhaus Database

You are currently viewing the URLhaus database entry for http://154.205.133.58/skid.mips which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3573452
URL: http://154.205.133.58/skid.mips
URL Status:Offline
Host: 154.205.133.58
Date added:2025-07-02 02:12:09 UTC
Last online:2025-07-23 23:XX:XX UTC
Threat:Malware download Malware download
Reporter: ClearlyNotB
Abuse complaint sent (?): Yes (2025-07-02 02:13:11 UTC to abusepoc{at}afrinic[dot]net)
Takedown time:21 days, 21 hours, 10 minutes Bad (down since 2025-07-23 23:23:38 UTC)
Tags:elf gafgyt link ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-07-21skid.mipself 37be31ebea20ccc5cbaf20f355cb26476439066f9cccb26c02e86b75fd10d021n/aGafgyt
2025-07-16skid.mipself 63e188a5a107d0737aa64ccaa85ae722731602ee375f8e656429018321b6dcb8n/aGafgyt
2025-07-13skid.mipself 2bbef0d22164027cd3717ccd22bb139086e832e256d2307d04d09ccb14c2990dn/aGafgyt
2025-07-11skid.mipself cf83ae47c9b2adf8e888422746808782164ff8c7cb1e2060bcce598e9c72a513n/aGafgyt
2025-07-08skid.mipself 998207698407b7ba2385465f903c9d2437d13693368c17cab1e11790643f3debn/aGafgyt
2025-07-08skid.mipself 514a3c5be76096c762e0047751032e505e3ef28cc41c24a9008291a88ba90748n/aGafgyt
2025-07-07skid.mipself 8a4e17d2e0fd6a3bf64dddaef3586563055d451be04919bc588daacb020fe917n/aGafgyt
2025-07-03skid.mipself afbc04f365a5ff7a5429730b1ae3ab0067715b657a73b42bcfad044263c46ccbn/aGafgyt
2025-07-02skid.mipself b518d130bfb026bcd8b61a588029d73f3fbb77e8514988e6e938e574634495een/aGafgyt