URLhaus Database

You are currently viewing the URLhaus database entry for http://213.209.143.64/arm6 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3700423
URL:	http://213.209.143.64/arm6
URL Status:	Online (spreading malware for 11 days, 3 hours, 26 minutes)
Host:	213.209.143.64
Date added:	2025-11-08 09:45:14 UTC
Threat:	Malware download
Reporter:	ClearlyNotB
Abuse complaint sent (?):	Yes (2025-11-08 09:46:11 UTC to abuse{at}virtualine[dot]org)
Tags:	elf mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-11-18	n/a	elf	29be02c9f220030f2ca0d72b8f824708bae7def1a35dfdacc2eda38a4f2b647c	n/a		Mirai
2025-11-18	n/a	elf	ff882b3b4288510f8caf7354faa3b20a2384af600463408f68339b75b9543e0d	n/a		Mirai
2025-11-16	n/a	elf	c57aa4d61acdbb993922bdb1eb0e4e6e1b5948bcf45f532e5334d144cc0bb6a7	n/a		Mirai
2025-11-16	n/a	elf	9e31e5e1e30032dc649052166fc42a709fdecf33b4ee15dbd6709d90d867e83d	n/a		Mirai
2025-11-15	n/a	elf	b975d319734324bbdddd1561542a5886aae52d7c86f8375c28d5fc2d67df1662	n/a		Mirai
2025-11-14	n/a	elf	1a36edf2298f83ff239086b7e89cecce96f29cf785fdfc7539445cbf8780d93f	n/a		Mirai
2025-11-13	n/a	elf	6db0490af43013cfe5015bb4809c58fd1b52a9a42d843375573dd0ecc3ec6b17	n/a		Mirai
2025-11-11	n/a	elf	d818679eb25ebce061955b2ed86a992ba15159be2458fa56cbad1248f69085d3	n/a		Mirai
2025-11-10	n/a	elf	bd42ef62fff3dcc1092b5ab018415c063b37b018ae66efa1b67a1fd41e12833d	n/a		Mirai
2025-11-09	n/a	elf	86a072d641426a61506593c2db02b2ac17530c5716a37a48383261afdf8cef87	n/a		Mirai
2025-11-08	n/a	elf	1aaf787789decb7cf5c5db77a590bf32534b3961d7f447c418404ad0830608c3	62.50%		Mirai