URLhaus Database

You are currently viewing the URLhaus database entry for http://www.teamc2.duckdns.org/00101010101001/morte.x86 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3702508
URL:	http://www.teamc2.duckdns.org/00101010101001/morte.x86
URL Status:	Online (spreading malware for 13 days, 14 hours, 44 minutes)
Host:	www.teamc2.duckdns.org
Date added:	2025-11-10 18:36:25 UTC
Threat:	Malware download
URLhaus blocklist:	Blocked
Spamhaus DBL :	Abused domain (malware)
SURBL :	Blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	BlinkzSec
Abuse complaint sent (?):	Yes (2025-11-22 22:58:11 UTC to abuse{at}vpsvault[dot]host)
Tags:	botnetdomain elf mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-11-24	n/a	elf	8f088285f4483b2c56c34efa67f11594d466e73f3fc0b27dddfddb8ec76e7055	40.68%		Mirai
2025-11-23	n/a	elf	7a2aa7939edd72a42eeedb556987deb4a38246cdced8c83886f9cb893394686e	n/a		Mirai
2025-11-22	n/a	elf	2a501c783f0b71ae32f4f66de4f1f39ab7e6c1adf6c45c0fed3a2149ed83e274	41.54%		Mirai
2025-11-12	n/a	elf	70a64a2f61de16f7c53a206ccd45ffd05129d8e176cb69a1972923fbd720a3de	42.86%		Mirai
2025-11-10	n/a	elf	f62447f7b2c027c62d52f128c99b78470fc41eaa55c79e6319750229a1356f36	50.77%		Mirai