URLhaus Database

You are currently viewing the URLhaus database entry for http://91.92.242.241/arm6 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3657689
URL:	http://91.92.242.241/arm6
URL Status:	Offline
Host:	91.92.242.241
Date added:	2025-10-05 13:50:17 UTC
Last online:	2025-11-02 23:XX:XX UTC
Threat:	Malware download
Reporter:	ClearlyNotB
Abuse complaint sent (?):	Yes (2025-10-05 13:51:18 UTC to abuse{at}metaspinner[dot]net)
Takedown time:	28 days, 9 hours, 44 minutes (down since 2025-11-02 23:36:12 UTC)
Tags:	DEU elf geofenced mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2025-11-01	n/a	elf	1aaf787789decb7cf5c5db77a590bf32534b3961d7f447c418404ad0830608c3	n/a	Mirai
2025-10-21	n/a	elf	bb39ba5a99f379033b013c97486ba3e6d6a798b192a4008963df1c06887f10dc	n/a	Mirai
2025-10-20	n/a	elf	8fefef45c3827053dd588dc827d1f2e87bbb93a6cfe5500160b55ef2c58e53ff	n/a	Mirai
2025-10-17	n/a	elf	79a536634cd81e0adea243d9aa55d5033d10758d451ea29308bc6ff68f992485	n/a	Mirai
2025-10-16	n/a	elf	326c016e0194d5add4b5da5093df4b48187a2db9b39a72e444f8c17735219acb	n/a	Mirai
2025-10-16	n/a	elf	780ba2590499b10e2f343fdafc006f676cffb4ceaf32c8d90b9d506fb213bfdb	n/a	Mirai
2025-10-15	n/a	elf	cc88af7c1199921a0ca088669cd4e3e90a9a4481c54f4112b81b633837ad3d94	n/a	Mirai
2025-10-12	n/a	elf	536776e608aa333ecacc722862f5128c22110c35363bb2595f64846288f0cbbe	n/a	Mirai
2025-10-12	n/a	elf	f9ec6caf8579d48817212aa4303184a3645ba105bad6fc9be422effd8195cb99	n/a	Mirai
2025-10-10	n/a	elf	b7a3beb67ed7547b7b6f66a6a80c6dbce8218ef1238b9bbd49f86886931eeb67	n/a	Mirai
2025-10-05	n/a	elf	84502f5fbe0a6dbdd6f0931ded58807f61d24ae5b6376f7c0ca912a487650217	n/a	Mirai