URLhaus Database

You are currently viewing the URLhaus database entry for http://6yd.ru/mpsl which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3718763
URL:	http://6yd.ru/mpsl
URL Status:	Online (spreading malware for 26 days, 17 hours, 13 minutes)
Host:	6yd.ru
Date added:	2025-11-28 17:57:16 UTC
Threat:	Malware download
URLhaus blocklist:	Blocked
Spamhaus DBL :	Abused domain (malware)
SURBL :	Not blocked
Quad9 :	Blocked
AdGuard :	Blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	BlinkzSec
Abuse complaint sent (?):	Yes (2025-12-20 08:13:15 UTC to noc{at}pfcloud[dot]io)
Tags:	elf mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-12-20	n/a	elf	9597a80f69b1dcf45c78cbb72cc519e19c4299eef0d2b3e6c3bdc9aa19210255	n/a		Mirai
2025-12-20	n/a	elf	5f45dd62d1936333fec352b6e44d97075fcd41046229a3ef2f6bf39a7e4e0b8c	n/a		Mirai
2025-12-19	n/a	elf	f717ada653d0adf9a0f1a7c338c9b03521fdc0d8a78356dffc7226c47588dea7	n/a		Mirai
2025-12-04	n/a	elf	449e30caaa96c2833e4f381071095addc874ad4bab41e21225acf6356145c0ed	n/a		Mirai
2025-12-01	n/a	elf	d0986c336af6e6d82a47300244c28d0b546d5fb8dba15bd8356b9aa0803680b9	n/a		Mirai
2025-11-28	n/a	elf	5add3655c138947e54f6e93f583e7704a9a33ea87a1c76eb5322358d9d6d992e	31.25%		Mirai