URLhaus Database

You are currently viewing the URLhaus database entry for http://207.244.199.152/mpsl which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3604489
URL:	http://207.244.199.152/mpsl
URL Status:	Offline
Host:	207.244.199.152
Date added:	2025-08-16 08:20:21 UTC
Last online:	2025-08-18 09:XX:XX UTC
Threat:	Malware download
Reporter:	botnetkiller
Abuse complaint sent (?):	Yes (2025-08-16 20:05:12 UTC to abuse{at}freakhosting[dot]com,report{at}abuseradar[dot]com)
Takedown time:	1 day, 12 hours, 58 minutes (down since 2025-08-18 09:03:52 UTC)
Tags:	elf geofenced mirai ua-wget USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2025-08-18	n/a	elf	5c922ae55396b31dee3fd10aef13d263c657060ac704d0c2401b3974d93729f3	n/a	Mirai
2025-08-18	n/a	elf	dbbb42bf7bd7fe4a4c68f46dffe0afb10cbd869407aed8607abf99c674944f08	n/a	Mirai
2025-08-17	n/a	elf	6615559b2d4276bcd47ae8524e7d8f72d0bda97e2704a4c29eb7ea418f57b624	n/a	Mirai
2025-08-17	n/a	elf	c99b37d82bda0ac9c2514b91a51ae79430b5bef7e3181429d797b4cf914f1839	34.38%	Mirai
2025-08-16	n/a	elf	2590825312e865ae0eb0093688b24293ecb4fdde8e71efe4fab1c09ee6bfed4c	39.06%	Mirai