URLhaus Database

You are currently viewing the URLhaus database entry for http://144.172.109.62/Orbt/Orbt.x86_64 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3682117
URL:	http://144.172.109.62/Orbt/Orbt.x86_64
URL Status:	Offline
Host:	144.172.109.62
Date added:	2025-10-20 06:35:19 UTC
Last online:	2025-10-28 23:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2025-10-20 06:36:13 UTC to abuse-reports{at}cloudzy[dot]com)
Takedown time:	8 days, 17 hours, 6 minutes (down since 2025-10-28 23:42:26 UTC)
Tags:	elf mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-10-28	n/a	elf	68aa9d2e946a9cd7b886e7b1e3c0e30e3599260a76f8ccd45883748bdd4d43e0	n/a		Mirai
2025-10-26	n/a	elf	074c628f18145b1bfd1178ef0dd6e1999fec2c6f8bfc6aff9167fa3728d59409	36.92%		Mirai
2025-10-24	n/a	elf	1885f84ae0f15e66936dc1c4c8fbfcc8922edaf24445b4e7b9fe409c44edc2f5	36.92%		Mirai
2025-10-23	n/a	elf	2c2a7c1bb15e2427932d810b9359e1fce5cf6800153807ca0d28c7816be12cf8	n/a		Mirai
2025-10-23	n/a	elf	52eb0a40ec7985e4d64635560127687dc5e0b13c422014779037a79ecb680909	n/a		Mirai
2025-10-22	n/a	elf	26ed7bcce14343040dca3ed20cfd8eb2ed45862186908dcfc03d47f663025014	n/a		Mirai
2025-10-22	n/a	elf	4a254a3c08af9b7af32f260c4a90b9e137112e5774814ea4b26b71d0deda0626	36.92%		Mirai
2025-10-21	n/a	elf	fb8050dc9cf8eb9e7f94b326c64c7155d35779b82f35b6996f8d835052976fce	n/a		Mirai
2025-10-20	n/a	elf	9619b4280c957b087f9e2727502cc068a9956ac201d8009c8a9be6d73860486d	n/a		Mirai
2025-10-20	n/a	elf	b1f10f596e3e926cc99f83054a69094039fce96b325e0e6176255a38ea91a3c8	n/a		Mirai