URLhaus Database

You are currently viewing the URLhaus database entry for http://160.250.134.51/mips which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3620009
URL:	http://160.250.134.51/mips
URL Status:	Offline
Host:	160.250.134.51
Date added:	2025-09-08 15:02:25 UTC
Last online:	2025-10-04 00:XX:XX UTC
Threat:	Malware download
Reporter:	threatquery
Abuse complaint sent (?):	Yes (2025-09-08 15:03:15 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:	25 days, 9 hours, 6 minutes (down since 2025-10-04 00:10:00 UTC)
Tags:	32-bit elf gafgyt mirai Mozi

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-09-21	n/a	elf	7cd5fb5b6d94ac2acf16f8904f6f307f47710df1d51129d55e70590a52dcf823	32.81%		Mirai
2025-09-21	n/a	elf	6f461ed0b332339c2e9808b5938ada8ae13f6ee27ed4722f91a100f6acbdde6c	20.31%		Gafgyt
2025-09-18	n/a	elf	fa96cf95515c5e6f86084aa51099fb5e5c0cec71c651bf08ec7b53b2a3029705	31.75%		Mirai
2025-09-14	n/a	elf	656fbf26390a239a6f852ac5a5e9e11ac7bb245fed072d11e8f1e66ea66d7815	20.63%		Gafgyt
2025-09-11	n/a	elf	66c7502ff375bbbfbfb58c22e3cace095173223ae92f24e73371f645595ab17f	32.81%		Mirai
2025-09-10	n/a	elf	6235ab84723f8d3b42a4e8406677c3ed7b2c1da46c1293c0d9991f6a61570473	42.19%		Mirai
2025-09-09	n/a	elf	08fc70dcc2fee6611b7f92c7153d39a7ae8cdc672151af202e92cc913443901f	20.63%		Mirai
2025-09-08	n/a	elf	b4854e6a3a95d83dd16aee1c9695602a1978c0aaf8911d3d439d9b39bf00cc2d	45.16%		Gafgyt