URLhaus Database

You are currently viewing the URLhaus database entry for http://45.125.66.56/i686 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3610840
URL:	http://45.125.66.56/i686
URL Status:	Offline
Host:	45.125.66.56
Date added:	2025-08-24 14:55:35 UTC
Last online:	2025-09-28 04:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2025-08-24 14:56:17 UTC to admin{at}serveroffer[dot]lt)
Takedown time:	1 month, 4 days, 13 hours, 15 minutes (down since 2025-09-28 04:12:10 UTC)
Tags:	DEU elf geofenced mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-09-02	n/a	elf	6509dcd8caa3035a09bbb926b0f93a63c80a76ecd9e8f5c6e74e0811fe3e200c	20.31%		Mirai
2025-09-02	n/a	elf	4a13c2604cbc12849f428d50eaa145e7b7111751314aacdb1b8c33388848112c	n/a		Mirai
2025-08-31	n/a	elf	9b506cbd5978153f00a13911e102f2b91d5d7929b72a0172af506fec0a399cec	n/a		Mirai
2025-08-30	n/a	elf	bd0d826136b79b57de470ead322a57f2adef5672b8861dfad3247ba205567c44	n/a		Mirai
2025-08-28	n/a	elf	188200fbc672ce881656b87246f0c4b603ed1a72da48ebafb7bb1c11d865ca97	20.00%		Mirai
2025-08-27	n/a	elf	55961706bb92083fa80f9ef971073540bdea1d45465e0dadb6038477a25fc402	n/a		Mirai
2025-08-26	n/a	elf	1226cc12f72717cc2e9cbcc2df0444397a46bb78af46d83120e3891f0d311bb2	n/a		Mirai
2025-08-25	n/a	elf	d95273b12a2977e046d7cc556402cf5ff7b1133370fa38875a62218ec4bbd516	24.62%		Mirai
2025-08-24	n/a	elf	c261521768edfd12848adb30af05e4bcfed6aafc68bc4faa924ac4cc6983b990	n/a		Mirai
2025-08-24	n/a	elf	2fc86eaa2eac33dc0d30f94ff3e1fa09099569f8b17edebc10a995ed6055d47d	18.46%		Mirai