URLhaus Database

You are currently viewing the URLhaus database entry for http://158.94.209.216/uppc which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3624291
URL:	http://158.94.209.216/uppc
URL Status:	Online (spreading malware for 2 months, 15 days, 0 hours, 4 minutes)
Host:	158.94.209.216
Date added:	2025-09-15 05:47:15 UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2025-09-15 05:48:10 UTC to support{at}ipv4[dot]global)
Tags:	elf mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-10-01	n/a	elf	9571006c74e39888a4a2709e87109120ce44b627498ee298c4242def6f3680c4	15.62%		Mirai
2025-09-29	n/a	elf	d491416bbc44d03b83fa0df57be5e79097be16139e136ed21420068d4de13688	n/a
2025-09-28	n/a	elf	8092d1efd62c0c4b78713289fd7421e9ac4a565b9292275cb4a75ac0bfa5eae8	n/a		Mirai
2025-09-27	n/a	elf	b0adca7ac4bdf8b4475ce3caad6cb1b5ea23e00a6727a153fe2ddc6840937a23	n/a		Mirai
2025-09-25	n/a	elf	eb31df255470cd24378f9f33c0eb2cc32f5c24a34e0aa1d075011ca4f7efb8cc	n/a		Mirai
2025-09-15	n/a	elf	f4c01c080278ee75503253dc1bc4afdc4de0c393e657af047367172b5914abe0	n/a		Mirai