URLhaus Database

You are currently viewing the URLhaus database entry for http://45.125.66.56/x86_64 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3609768
URL:	http://45.125.66.56/x86_64
URL Status:	Offline
Host:	45.125.66.56
Date added:	2025-08-23 07:35:12 UTC
Last online:	2025-09-28 04:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2025-08-23 07:36:35 UTC to admin{at}serveroffer[dot]lt)
Takedown time:	1 month, 5 days, 20 hours, 53 minutes (down since 2025-09-28 04:30:21 UTC)
Tags:	DEU elf geofenced mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-09-02	n/a	elf	c39196e5ab865850c997492cc40ea9e9533ce1bcf915b255647f4ad82418be25	n/a		Mirai
2025-09-02	n/a	elf	f29eec205097ae3f1257a63702814a3444448c440ec904c88464eb44346833f8	n/a		Mirai
2025-08-31	n/a	elf	14fcc4a7bb14ec2d99b42c05249f27e8abd7b71ecba7a4c95f541891ba0ec0d8	n/a		Mirai
2025-08-31	n/a	elf	b42296aa49398cd15e299a69a5c148f1ee6a067a32291e87961f1921b487749d	n/a		Mirai
2025-08-28	n/a	elf	ab7fd9b59fda874718d1bf12a34750a754e58212bd37cc2ae0becbe939fda808	23.08%		Mirai
2025-08-27	n/a	elf	fe47bc1c98fa84078cdf441066eb902777dcc6a2b3d3e60b84c9126fa5bfbc3c	n/a		Mirai
2025-08-26	n/a	elf	bebe60a59467902919f2c799e78c37af3370753e7cd16abac733a88ef1cbc574	n/a		Mirai
2025-08-25	n/a	elf	299688062622654720813a8a159a307f9deb4f0aa4ffe74a1ef1545871fd6c51	20.00%		Mirai
2025-08-24	n/a	elf	7a261208ccdd0f94b57bba2a12361039dadde52f483e08b776bd11bb7e256fad	n/a		Mirai
2025-08-23	n/a	elf	4559157eed34eef90ff6dce94c5caf1f3b8caaffea1178e8aa5072d10af03acb	n/a		Mirai