URLhaus Database

You are currently viewing the URLhaus database entry for http://cnc.zinomc.com/bot.arm which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3605915
URL:	http://cnc.zinomc.com/bot.arm
URL Status:	Offline
Host:	cnc.zinomc.com
Date added:	2025-08-18 15:36:22 UTC
Last online:	2025-12-24 15:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Abused domain (botnet C&C)
SURBL :	Not blocked
Quad9 :	Blocked
AdGuard :	Blocked
Cloudflare :	Blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	BlinkzSec
Abuse complaint sent (?):	Yes (2025-12-20 12:46:16 UTC to mh[dot]kctipl{at}gmail[dot]com)
Takedown time:	4 months, 7 days, 23 hours, 54 minutes (down since 2025-12-24 15:31:56 UTC)
Tags:	botnetdomain elf mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2025-12-20	bot.arm	elf	3f93796d0e1e97dada8b9e8939018106d8b2edd017ea4717bf5e8e522a0b3b72	n/a	Mirai
2025-12-16	bot.arm	elf	9233a96f6cc89f7414df90f601583f72a21b1f9eadead4e92ca220ad9cbb3529	n/a	Mirai
2025-12-05	bot.arm	elf	e379285742e4ecccd3defd15690c8b988eec922da217971b59103c36f4dac814	n/a	Mirai
2025-11-01	bot.arm	elf	69727e5aa9ee80fb61d88303a84ea2e96ad8654d9ef279504ab72c3a45ef8cfd	n/a	Mirai
2025-10-22	bot.arm	elf	904a2c2e6a4535a1cfa71b05f7d58a05d2f150623470aeb5ff533c9f01edafa8	n/a	Mirai
2025-08-26	bot.arm	elf	21f3228e54bc5f221ea8af4bc278b20cb9b0a280537a6afea294af25e82659af	45.31%	Mirai
2025-08-21	bot.arm	elf	bf52aa2882c92572e329a92518500bf38ddf5cf07afb08b8a7a3f6f9fb6b6001	56.25%	Mirai
2025-08-18	bot.arm	elf	dea9e875812436f4f9099b65eb16e4edb2b1d0bd341d854aaac37bd2bcd5d5d3	62.50%	Mirai