URLhaus Database

You are currently viewing the URLhaus database entry for http://91.92.242.241/arm which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3657688
URL:	http://91.92.242.241/arm
URL Status:	Offline
Host:	91.92.242.241
Date added:	2025-10-05 13:50:17 UTC
Last online:	2025-11-02 23:XX:XX UTC
Threat:	Malware download
Reporter:	ClearlyNotB
Abuse complaint sent (?):	Yes (2025-10-05 13:51:18 UTC to abuse{at}metaspinner[dot]net)
Takedown time:	28 days, 9 hours, 18 minutes (down since 2025-11-02 23:09:22 UTC)
Tags:	DEU elf geofenced mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-11-01	n/a	elf	df0b5a447b32eef5d8339a0103dfb8971c0690dc00ebedd20b217173720db8c5	45.31%		Mirai
2025-10-21	n/a	elf	a8abd4b3c947001c27844981406186fe722bbba9c50a09a76adcc69b8ebb663f	n/a		Mirai
2025-10-20	n/a	elf	6490aa552a98ac882983edc9c961bb0505dff84087fd16a9c3b89c55d4570e56	n/a		Mirai
2025-10-17	n/a	elf	886a41df5429d40b7c918c4118e9317322115ca6c65b08a579342f177349f593	n/a		Mirai
2025-10-16	n/a	elf	147069c383688be9c3904b5ffd62137f2c3a43a98e6b4b3cfdc06b5338306fea	n/a		Mirai
2025-10-16	n/a	elf	6b7c251c2573eb09014545f3397f52f6895f299d998d392241cafdb4f913271d	n/a		Mirai
2025-10-15	n/a	elf	39c367948a3f507e5529e32af9aee0173f4de664170bcd91447f8193167773be	n/a		Mirai
2025-10-12	n/a	elf	0a3fafd2f61b528d8a2ef369082f52993968ef79929299db487aa041183205fe	n/a		Mirai
2025-10-12	n/a	elf	20b2d8087df2843cf4fcd4dd1ed484eade2fcbb9858bfeec6d895b69f5b96fd7	n/a		Mirai
2025-10-09	n/a	elf	7f7bde9fd5a0b2968103043e5a9ca537603c67d554299946d14e4d723fb15754	n/a		Mirai
2025-10-05	n/a	elf	c941a9fadcbebf6c0b528dad123530c602b4e3ef0f7ebb54a418e74fd365b673	n/a		Mirai