URLhaus Database

You are currently viewing the URLhaus database entry for http://154.205.133.58/skid.mpsl which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3573454
URL: http://154.205.133.58/skid.mpsl
URL Status:Offline
Host: 154.205.133.58
Date added:2025-07-02 02:12:09 UTC
Last online:2025-07-23 23:XX:XX UTC
Threat:Malware download Malware download
Reporter: ClearlyNotB
Abuse complaint sent (?): Yes (2025-07-02 02:13:11 UTC to abusepoc{at}afrinic[dot]net)
Takedown time:21 days, 21 hours, 11 minutes Bad (down since 2025-07-23 23:25:02 UTC)
Tags:elf mirai link ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-07-21skid.mpslelf 43a6e6ca89fed60ce3bfca724d0030ac868949a84e969d681bf292dc76e77e1bn/a
2025-07-16skid.mpslelf b2ef35d761c0eeb6386b7ae55c97a3612b4bd96ca87252358c18580261a4d4ccn/aMirai
2025-07-13skid.mpslelf e1254664e718f46a0e834fbdb882eb0dc2b5e198add24193a5309019285defc9n/aMirai
2025-07-11skid.mpslelf ca270c8d656b0543e676a3a68b4112616ac780d5977d06c5ea3da136b560e1f1n/aMirai
2025-07-08skid.mpslelf c3bffcb8029a4b40102c9ffb5910da036924e14c751f5883ed77b0423c3319f4n/a
2025-07-08skid.mpslelf edca7c35785bffea9b6013e95fd97ab747bc5547eb713ea9a0e3052fe87caf52n/a
2025-07-07skid.mpslelf 3ff483caceb7394b63f0479f1d4e88a087ae59f399aebc5814c444a2e079a2b7n/aMirai
2025-07-03skid.mpslelf bf5156d9e5ff753191b6f8ec183e85a7a9c71b68ebca8536c38d8858ad31c357n/a
2025-07-02skid.mpslelf 3693d487aef12911be5c1086c0412fcf0cfb17b6954d960ad0579bcdf1d0b28cn/a