URLhaus Database

You are currently viewing the URLhaus database entry for http://160.250.134.51/skid.arm7 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3620082
URL:	http://160.250.134.51/skid.arm7
URL Status:	Offline
Host:	160.250.134.51
Date added:	2025-09-08 15:52:17 UTC
Last online:	2025-10-04 03:XX:XX UTC
Threat:	Malware download
Reporter:	BlinkzSec
Abuse complaint sent (?):	Yes (2025-09-08 15:53:11 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:	25 days, 11 hours, 19 minutes (down since 2025-10-04 03:12:29 UTC)
Tags:	elf mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-09-21	n/a	elf	0fd1878b69312fbf748d3be8ba65b3431083985fcfe65a3b32a74a8ef69cdf89	29.69%		Mirai
2025-09-21	n/a	elf	c39b01af8619fd48f35e70b727cf3297ffb12d458d1b567838dc048ee152aaa9	12.50%		Mirai
2025-09-18	n/a	elf	21f9efb992b4e1d1beaf3b3a479153277e86fdc1c00c2728a5fb4e212a2a4554	29.69%		Mirai
2025-09-14	n/a	elf	b3b621fa5ff5702a5e442e05f54ca07d2f28bb94bed58e3d7ad6569af310f72c	31.37%		Mirai
2025-09-12	n/a	elf	b9b50507887433b6f7db229424f1f564537986b5f8b841216106c5e09e9aa05d	32.81%		Mirai
2025-09-09	n/a	elf	1caf6c817c0f8652a467a13b7ac09c48ba872730c894ec9baeea133885dc04f3	25.00%		Mirai
2025-09-08	n/a	elf	7bfb0c4fbe4df131605abe4893af21f8d0fa0f6071cb6e8caeceea364a555d75	46.03%		Mirai