URLhaus Database

You are currently viewing the URLhaus database entry for http://144.172.109.62/Orbt/Orbt.mips which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3682107
URL:	http://144.172.109.62/Orbt/Orbt.mips
URL Status:	Offline
Host:	144.172.109.62
Date added:	2025-10-20 06:35:19 UTC
Last online:	2025-10-29 00:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2025-10-20 06:36:13 UTC to abuse-reports{at}cloudzy[dot]com)
Takedown time:	8 days, 17 hours, 26 minutes (down since 2025-10-29 00:02:39 UTC)
Tags:	elf gafgyt mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-10-28	Orbt.mips	elf	74b0536ba2de49f1989592c085010eb3400aa33b4a4b85424e320fb74d143d82	n/a		Mirai
2025-10-26	Orbt.mips	elf	ddc8a3d0a9c5f1384376e3cf576fbb51c4111872c4f0f35eef07eca9d53d19d3	35.38%		Mirai
2025-10-24	Orbt.mips	elf	37feacb2f37261ce205d7abd4350c15389db51aff36964a63cab72fd291a1f48	n/a		Mirai
2025-10-23	Orbt.mips	elf	1be687db16ba873766dd9393bb56a693e8c3cc78464117ae87e8d234301d4efd	n/a		Mirai
2025-10-23	Orbt.mips	elf	f4f06d0ae95ba330be4a28a821509105f7b28819a5c85a3087f5e505c51b0135	n/a		Mirai
2025-10-22	Orbt.mips	elf	408dcce8911b600a58c46138f58e68b9e356d0e49751166ef8c43ebd356f8310	35.94%		Mirai
2025-10-21	Orbt.mips	elf	94f1f83a407cd1aa39c8abc88082fe71a3d3c0cafe00aa5c88475c124c2e2d0a	36.92%		Mirai
2025-10-20	Orbt.mips	elf	4201efb92f293e5baca4c26b40ba58f96196cfb44b6cd84ad2cdc7da4244f6ce	38.46%		Mirai
2025-10-20	Orbt.mips	elf	4a11d1e301cd8e70694fd6e1472464e4d1046f33b3274b6234dc7b045ff10b9b	n/a		Gafgyt