URLhaus Database

You are currently viewing the URLhaus database entry for http://mangotruff.redirectme.net/bins/arm which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3660259
URL:	http://mangotruff.redirectme.net/bins/arm
URL Status:	Offline
Host:	mangotruff.redirectme.net
Date added:	2025-10-06 12:08:19 UTC
Last online:	2025-10-25 10:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Status unknown
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Not blocked
Reporter:	BlinkzSec
Abuse complaint sent (?):	Yes (2025-10-24 23:13:14 UTC to reports{at}magnates[dot]co[dot]za)
Takedown time:	18 days, 22 hours, 34 minutes (down since 2025-10-25 10:43:57 UTC)
Tags:	botnetdomain elf mirai

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-10-24	n/a	elf	ab273a6adb648557386f686f0cf8d53659999382320d529766c0b1a10718ba3f	43.08%		Mirai
2025-10-17	n/a	elf	0e371b80ebbebcc1b4bb3a73e764aeeb8dde38bda794c397fa7530194429d066	n/a		Mirai
2025-10-16	n/a	elf	7f02048396c11c3a185f600f0c866211f1a98f218027b75649d423d2d2bcee3f	37.29%		Mirai
2025-10-15	n/a	elf	749ae8bfe69fd2635fb92dc9394e62d6f0401a698ceb0bfba4be597f6a737a4c	n/a		Mirai
2025-10-14	n/a	elf	6388eaa019696bd67095b04a78865b41fcfac688d4e44b8f9f4ad5c37a86fde8	n/a		Mirai
2025-10-06	n/a	elf	54dc2b14c9b1d4d7857b4153ad72bbc16f1b10630e423e47a6e6e615e0dbc6f5	41.54%		Mirai