URLhaus Database

You are currently viewing the URLhaus database entry for http://45.125.66.56/ppc which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3609791
URL:	http://45.125.66.56/ppc
URL Status:	Offline
Host:	45.125.66.56
Date added:	2025-08-23 07:35:25 UTC
Last online:	2025-09-28 04:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2025-08-23 13:52:13 UTC to admin{at}serveroffer[dot]lt)
Takedown time:	1 month, 5 days, 14 hours, 36 minutes (down since 2025-09-28 04:28:38 UTC)
Tags:	DEU elf geofenced mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2025-09-02	n/a	elf	fd07238570884beaa7f26c644408b18524fd2cc7c3b765ec24a0e9a36069d45a	n/a	Mirai
2025-09-02	n/a	elf	6ed0c2e79ded36d328255d1d592e0bb21fc03057790094e7848d00b44de2cdb6	n/a	Mirai
2025-09-02	n/a	elf	dcc02eae8f8cf6afc5f32c5a12a7d7be6a7c720aa0b4f001ec8c96c247579a1e	n/a	Mirai
2025-08-31	n/a	elf	fad6d9f982c3c774b62c649d2b07c29cc09f107068f4bf429962c264443eb1a3	n/a	Mirai
2025-08-30	n/a	elf	69c615956116f35ab1176c9361921fffdb492031dea03268afbd8e56bbffbdf4	n/a	Mirai
2025-08-28	n/a	elf	381997bb2af237966d34495c820ce5d0c16c56775b01490dcf89689d2479ee57	n/a	Mirai
2025-08-27	n/a	elf	d3c63747d279c3d59060e0ca537f7861c7359ef525b2a0fbcd43319497747e7b	n/a	Mirai
2025-08-26	n/a	elf	15beaf50b801c6e3e45a548ce401fa6bd5b8adc9a13b20663dd089715f73a3a9	n/a	Mirai
2025-08-25	n/a	elf	056c69825f41a2c62f3e14c6682b001b1810a0cda55967c725a7a630ebb24515	n/a	Mirai
2025-08-24	n/a	elf	88ff68645babcd0ab412c629ab4646c1e2aa8692dedf1f334dd9fea05f39556c	n/a	Mirai
2025-08-23	n/a	elf	301cbe3f72afe5ff50ae0e72538f74db31c9511830fccfaaf8e2e937531fa21f	n/a	Mirai