URLhaus Database

You are currently viewing the URLhaus database entry for http://143.20.185.225/bin/debug which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3711453
URL:	http://143.20.185.225/bin/debug
URL Status:	Online (spreading malware for 3 months, 16 days, 3 hours, 20 minutes)
Host:	143.20.185.225
Date added:	2025-11-18 17:16:18 UTC
Threat:	Malware download
Reporter:	DaveLikesMalwre
Abuse complaint sent (?):	Yes (2025-11-18 17:17:16 UTC to report{at}abuseradar[dot]com)
Tags:	mirai opendir

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2026-03-04	n/a	elf	55da8e0c9e5ddccd0b17cfb9fe04867f5583e1f04d7db76960a8c3df060c0b04	n/a		Mirai
2026-03-04	n/a	elf	64c2813297d0cf94cee79df1a896b620dcad5e97e127659b7d227e7a49509b53	n/a		Mirai
2026-01-17	n/a	elf	28f463829facf79a507c6521a7e9917c90f9c9cfe67251a7f35fb067894325a3	n/a		Mirai
2026-01-14	n/a	elf	8722364e6484393e70c820ce1cc25a6835bf671eee7d535c27906e39e9a59835	n/a		Mirai
2025-12-04	n/a	elf	296724ae77939294f95b72db61aacd8122ab5e28f15e7873b6358316c77485f2	n/a		Mirai
2025-11-27	n/a	elf	4eb8f2bf3fd85e095b2f240ddc01526c4ed59cc1c86eee8937e18a8a8ab4f061	n/a		Mirai
2025-11-26	n/a	elf	247a1ed5b5036501e2dff14f6d63ba56672b89234f7ea54e58a77678e8efaf16	43.08%		Mirai
2025-11-20	n/a	elf	542131b62447f75d77ca799a08cdb65c41040287df1147adca357e46d5cb0eca	58.46%		Mirai
2025-11-18	n/a	elf	c7949b9b6ce3e1ab5aa565edcfb24eaf71f2ad9fbd213dd10e5e1d5290a45a6e	43.08%		Mirai
2025-11-18	n/a	elf	b8a175425845fabbbc8319272e89c4091277b68f879e7200f3ac3dc333517207	n/a		Mirai