URLhaus Database

You are currently viewing the URLhaus database entry for http://netrip.ddns.net/systemcl/m68k which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3683093
URL:	http://netrip.ddns.net/systemcl/m68k
URL Status:	Online (spreading malware for 2 months, 4 days, 21 hours, 45 minutes)
Host:	netrip.ddns.net
Date added:	2025-10-21 16:22:20 UTC
Threat:	Malware download
URLhaus blocklist:	Blocked
Spamhaus DBL :	Abused domain (phishing)
SURBL :	Blocked
Quad9 :	Not blocked
AdGuard :	Blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	tolisec
Abuse complaint sent (?):	Yes (2025-11-27 17:44:13 UTC to reportabuse{at}racknerd[dot]com)
Tags:	elf mirai

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-12-20	n/a	elf	ee69d2f047fb8bd98d96d1ff4fb41f5dbea8aa91d81b60819542c8de7eb80a62	n/a		Mirai
2025-12-19	n/a	elf	9f0396ed1bd9c99cd2411b4c4607304e0074743f1a3e8fc223b6f2b7e521ac85	n/a		Mirai
2025-12-13	n/a	elf	99e541786ccc5f2999909bca759f5b6f8ac707a607dfb7a79d4636b6493c6cf0	n/a		Mirai
2025-12-05	n/a	elf	f14544f6303ad47fc35bb4969707a52f082b1e40dfb09d81ce6f6299835d95dd	50.77%		Mirai
2025-12-03	n/a	elf	3ec7e43ea002611c3bd533fa123d2a2365ca151d1dab0a3863b2a368c39f18dc	n/a		Mirai
2025-10-22	n/a	elf	452a0c93f439b4eeb230d8a3b2b01934b286283bdcc509cc56f09734f1b667ed	n/a		Mirai
2025-10-21	n/a	elf	b819a17fd9314f13890dce05291b4c14b40477f0546c7481b4c2af576928244e	60.00%		Mirai