URLhaus Database

You are currently viewing the URLhaus database entry for http://teamc2.duckdns.org/bins/arm7 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3722817
URL:	http://teamc2.duckdns.org/bins/arm7
URL Status:	Online (spreading malware for 23 days, 1 hours, 58 minutes)
Host:	teamc2.duckdns.org
Date added:	2025-12-02 05:05:22 UTC
Threat:	Malware download
URLhaus blocklist:	Blocked
Spamhaus DBL :	Abused domain (botnet C&C)
SURBL :	Blocked
Quad9 :	Status unknown
AdGuard :	Blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Blocked
DNS4EU :	Not blocked
Reporter:	BlinkzSec
Abuse complaint sent (?):	Yes (2025-12-02 05:06:17 UTC to report{at}abuseradar[dot]com)
Tags:	botnetdomain elf mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-12-15	n/a	elf	0a61672a8fa4115cc530b8b7651c20d5e9030af98f99ed92b35cdb6e8fc7c9e2	n/a		Mirai
2025-12-14	n/a	elf	64405f1ae6ba8a9d480f92b5bdda6187b67e0723dd654b2ad9d3914065754d70	n/a		Mirai
2025-12-13	n/a	elf	19caed3f5ccfad4c6a546ef382e0b6e563226004db6cd02fb64d12ba2419f7b4	n/a		Mirai
2025-12-12	n/a	elf	96d3a171d72322dab760a87d3f21d75ed31308655fbafea0319e4b4a18a4ab07	n/a		Mirai
2025-12-04	n/a	elf	c78671b22a890c1ba1dbddb516ac0a19b51f96c952249db60085b06bd98c88d4	n/a		Mirai
2025-12-02	n/a	elf	98386a87bf3cbbbb23e8b8c24d1ad217540e1d947dffa7acbf0e33fecac78324	37.50%		Mirai