URLhaus Database

You are currently viewing the URLhaus database entry for http://154.205.133.58/skid.arm which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3573473
URL:	http://154.205.133.58/skid.arm
URL Status:	Offline
Host:	154.205.133.58
Date added:	2025-07-02 02:13:09 UTC
Last online:	2025-07-23 22:XX:XX UTC
Threat:	Malware download
Reporter:	ClearlyNotB
Abuse complaint sent (?):	Yes (2025-07-02 02:14:12 UTC to abusepoc{at}afrinic[dot]net)
Takedown time:	21 days, 20 hours, 35 minutes (down since 2025-07-23 22:50:07 UTC)
Tags:	elf mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2025-07-21	skid.arm	elf	4c72b3a3e372704eb64e1f0e9ebd021902928fa8c6df47e15a347fa682d48916	n/a	Mirai
2025-07-16	skid.arm	elf	bf7602722bab8a304f4a03a9fed97ad0573a366f3db35dade4047dd1b5ba8388	n/a	Mirai
2025-07-13	skid.arm	elf	0195e9f425e48b57099bcf71a46a2d702fbb77e57b84f2527a86246b80191eb4	n/a	Mirai
2025-07-11	skid.arm	elf	cbff0804335ce92de0ba1ad4c2a2ce08d89c47b64bbf9826d5331eb67843ba85	n/a	Mirai
2025-07-08	skid.arm	elf	fbead70b377eb3eae47e5e2a53ecd430306a17d98076218feea712f8fbc5e58a	n/a	Mirai
2025-07-08	skid.arm	elf	b92ca4e7bb3fb794d9e56d85eff80e609230f7a71f3607b76d6789fff1cfd4ca	n/a	Mirai
2025-07-07	skid.arm	elf	7a285e426824bf7ff48169eb7842784610e91c906c90e5d4270b56774e25b06f	n/a	Mirai
2025-07-03	skid.arm	elf	2c426c7258e7a7499f88c60b15b8ce60a7edd2877422484a5f81511387de093e	n/a	Mirai
2025-07-02	skid.arm	elf	c8a80aea735ef1e418a31a11de3815fb0ee0d1a641c35c96542bcd6b034b2c4c	n/a	Mirai