URLhaus Database

You are currently viewing the URLhaus database entry for http://78.153.140.124/b1n/arm6 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3687238
URL: http://78.153.140.124/b1n/arm6
URL Status:Offline
Host: 78.153.140.124
Date added:2025-10-25 15:04:09 UTC
Last online:2025-11-11 07:XX:XX UTC
Threat:Malware download Malware download
Reporter: botnetkiller
Abuse complaint sent (?): Yes (2025-10-25 15:05:19 UTC to abuse{at}hostglobal[dot]plus)
Takedown time:16 days, 15 hours, 58 minutes Bad (down since 2025-11-11 07:03:34 UTC)
Tags:arm elf geofenced mirai link ua-wget USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-11-02n/aelf 76cb047623f8b366cd1d6c949c30a9ef394bd6a9337b97afbb2ea5b9fffb5fc2n/a
2025-10-30n/aelf 23cec3fdf2ba99e0269516ca8cdca0e3e6a4924ec57c1027053a0d2ea24511e0n/aMirai
2025-10-30n/aelf 9aec9a4c907d8912c6c4d055ba7bae688c2b7c05ecd4b80564221d34717de388n/aMirai
2025-10-29n/aelf 0bbf8001608773e78d1c8fcf71fe1ceff7840a058c92f898353e7a0b5010d6ccn/aMirai
2025-10-29n/aelf 5eb5a5aec1a07808fcdeaf0be3f1997cbf5da63c3e3d270f25b509eb27ffbb2dn/aMirai
2025-10-28n/aelf f1147627902f8191875f9bcada71d8355caf5300c48b5d7160157e6f80bf1076n/aMirai
2025-10-28n/aelf b2e253cf921f5fa59cc07a287d2a028d545ad5a7f21541bed5200673bc00d7e7n/aMirai
2025-10-28n/aelf 84fc241f8605e10f4305b285ca5f0c8662bf56d0a399e5080dc2c2bba898fd62n/aMirai
2025-10-25n/aelf 70efb06c80b8dc8295411d0811623d399ae48ece620db38003e9313d3fb1a9c0n/aMirai