URLhaus Database

You are currently viewing the URLhaus database entry for http://213.209.143.64/arm which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3700409
URL:	http://213.209.143.64/arm
URL Status:	Online (spreading malware for 11 days, 3 hours, 34 minutes)
Host:	213.209.143.64
Date added:	2025-11-08 09:44:13 UTC
Threat:	Malware download
Reporter:	ClearlyNotB
Abuse complaint sent (?):	Yes (2025-11-08 09:45:12 UTC to abuse{at}virtualine[dot]org)
Tags:	elf mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-11-19	n/a	elf	7f74ae404f5d5d0f370a691d7a334cc9c773a21fdd2d7bf5c3e508b4545a4cf5	n/a		Mirai
2025-11-18	n/a	elf	67062606de29a9f4ec3a7701753f8e6e95f1cdd1880d19b4970b7aa4af4b5f76	n/a		Mirai
2025-11-16	n/a	elf	690422950f9483f96bab8ce8c62894b471ab3d888d9ee92a1a239ef1977a02a0	n/a		Mirai
2025-11-16	n/a	elf	23f22c8a38ffd950749e914fc858b1fd745bc9b911a4123dde9b51353784b13a	n/a		Mirai
2025-11-16	n/a	elf	e8d10c7ad64f8b220ccc733d3b0b2e0bdb969ba1e35bf50eb68d981f8547bfb2	n/a		Mirai
2025-11-14	n/a	elf	714f9656327b607f64c56db2cce242d28f8cd28ddfb5cbabd52c72af84e097f8	n/a		Mirai
2025-11-13	n/a	elf	5e698d3a3378825722486eba8ef69db1e0a371228a4ce49187bee81268526096	n/a		Mirai
2025-11-13	n/a	elf	e2ed9b3dcd5f70e363eaaa9fb74c457db6d3a848910c57d1bd7b0d9d056f0046	n/a		Mirai
2025-11-11	n/a	elf	39e632c9c68f32e63e3e24c00ad9c891dfa0ae991b45113f5f95e832bdfdcd63	n/a		Mirai
2025-11-10	n/a	elf	66399a87a924af15fe3c2db9a58503f2012aac5291650d4c43ee96559193dc48	n/a		Mirai
2025-11-09	n/a	elf	f6c5071b6b5a8729d732c7bd4c19387cc9b7a644f73e7c5ddfe56b65fe2e212b	n/a		Mirai
2025-11-08	n/a	elf	df0b5a447b32eef5d8339a0103dfb8971c0690dc00ebedd20b217173720db8c5	53.12%		Mirai