URLhaus Database

You are currently viewing the URLhaus database entry for http://144.172.109.62/Orbt/Orbt.sh4 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3682130
URL:	http://144.172.109.62/Orbt/Orbt.sh4
URL Status:	Offline
Host:	144.172.109.62
Date added:	2025-10-20 06:35:25 UTC
Last online:	2025-10-28 23:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2025-10-20 06:36:13 UTC to abuse-reports{at}cloudzy[dot]com)
Takedown time:	8 days, 16 hours, 39 minutes (down since 2025-10-28 23:15:36 UTC)
Tags:	elf mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-10-28	n/a	elf	0018c3a0ebe07eafddadceb7fef8fe50ce6a468fc22df79f7d586d0c96b82499	n/a		Mirai
2025-10-26	n/a	elf	de2a6f53dec7a04bce34e364e60245593125d354afbb238232408026f31ab91d	55.38%		Mirai
2025-10-25	n/a	elf	9c09e17f94554c992940d886d214c8c4a25451aada335f2d374f0706f963c117	50.77%		Mirai
2025-10-23	n/a	elf	09af2f4915907e1cd9b5dab6cb843cb9eff20bc35bd874d186b4ffd882c291f1	46.88%		Mirai
2025-10-22	n/a	elf	4bba90491139ae223d5d2b73132a1e523190cc145c28593769d8089657a0948b	47.69%		Mirai
2025-10-22	n/a	elf	a69340fa5b6dc034e1db832bfa80003f985b38f4a13628a1c1ae343b05ffcd2b	n/a		Mirai
2025-10-22	n/a	elf	08e45c730781a2112994868217080291d238e83ee25f9488512a07596a780c1d	n/a		Mirai
2025-10-21	n/a	elf	9ce59a1989b1be0a0eb7f8a6e096cba7cc61e55e8e32c4781270581c3565140c	50.00%		Mirai
2025-10-21	n/a	elf	00dc2c99f3ad18d5218a32bfe86a03ef0243b83f30e92b652eb4cc5bfbf5ae71	n/a		Mirai
2025-10-20	n/a	elf	7b48c3109d721d8af737653c097231b6f57142d6d2aa457247265e0df46c94fb	52.31%		Mirai
2025-10-20	n/a	elf	2801c504824f2c0664c4043cd45fcaaddd3ecb14277d64ff2d7b9b024ea11ea4	n/a		Mirai