URLhaus Database

You are currently viewing the URLhaus database entry for http://109.205.213.5/resgod.arm5 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	3610337
URL:	http://109.205.213.5/resgod.arm5
URL Status:	Offline
Host:	109.205.213.5
Date added:	2025-08-24 04:22:07 UTC
Last online:	2025-09-08 21:XX:XX UTC
Threat:	Malware download
Reporter:	redrabytes
Abuse complaint sent (?):	Yes (2025-08-24 04:23:10 UTC to abuse{at}razinetwork[dot]com)
Takedown time:	15 days, 16 hours, 51 minutes (down since 2025-09-08 21:14:12 UTC)
Tags:	elf mirai

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2025-09-07	n/a	elf	e89328219e412a061745f826ee6ad9be1a56ea91de224f3178a93b63375604b9	n/a	Mirai
2025-09-07	n/a	elf	2441662f5ff06cda88f5bcd12992a7470063c10f4514b2f4bec734d7ba943c25	n/a	Mirai
2025-09-06	n/a	elf	89e2151bfb0089551b5cdcc0a383985a697bad796c94c0520e8466e60cb29201	36.51%	Mirai
2025-08-26	n/a	elf	a4fca9134c48bd530f339b70d5ae620de9c301544ed299bb0baeeebafacd995b	n/a	Mirai
2025-08-24	n/a	elf	169c16548513423a529c17ff00b4609afad0f67a9582c60f007c6b9cc37fcb98	n/a	Mirai
2025-08-24	n/a	elf	8a905729e5d10889d91e811ae9ebbd4c255378767170df0438e00b76cde6d377	n/a	Mirai
2025-08-24	n/a	elf	f3f180395fc893db7dd1cee31126de9086e8d5167c654e0c1ae3c0b6706237ac	n/a	Mirai