URLhaus Database

You are currently viewing the URLhaus database entry for http://213.209.143.64/bins/zermips which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3726496
URL:	http://213.209.143.64/bins/zermips
URL Status:	Offline
Host:	213.209.143.64
Date added:	2025-12-05 18:09:51 UTC
Last online:	2025-12-18 23:XX:XX UTC
Threat:	Malware download
Reporter:	NDA0E
Abuse complaint sent (?):	Yes (2025-12-05 18:10:21 UTC to abuse{at}virtualine[dot]org)
Takedown time:	13 days, 5 hours, 18 minutes (down since 2025-12-18 23:28:25 UTC)
Tags:	censys elf mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2025-12-18	n/a	elf	3ec3f406ab6e32b212258e9dff737042afab96d29b78ae795512b58952ba89b9	n/a	Mirai
2025-12-17	n/a	elf	87b4850565ff9f51b5fd6c611bbfa26b2d74d8348bc17c51b40195328474f7e9	n/a	Mirai
2025-12-16	n/a	elf	394486579e8cc6232699fd32da6ef0083a4518b7cad4ee5bfd40e1205c231783	n/a	Mirai
2025-12-16	n/a	elf	55dcab8ae03fdc34cf4ce61d6b6a6e912b75bbe0e49ffbda4f8e982dde48174b	n/a	Mirai
2025-12-15	n/a	elf	c55fac0893c1070629bf6437a7fc8770f9e59a12f271be88bfd0d6923de25fd2	n/a	Mirai
2025-12-15	n/a	elf	85202e1d8630db5494bd4dbdf87b1ae55ad7fc8291790d15b94a83349845e4ad	n/a	Mirai
2025-12-14	n/a	elf	b2b93d15faa8ff85b55fea0bbf142a6038d39e3f5a558ef57df6f21f4e252300	n/a	Mirai
2025-12-13	n/a	elf	a80e4e1de88fe991b75358f1197b2e2330ac17269af6cb1a790477da9d734998	n/a	Mirai
2025-12-09	n/a	elf	87fe7aed871eed9653e4aa576c89953b992414f066dbaf8876c5fdbca845565e	n/a	Mirai
2025-12-07	n/a	elf	3f622b288e8182003119ed88145a8c767b94813a364eae2c6e12344c8787ca3e	n/a
2025-12-05	n/a	elf	2e551fe146561dda89f65b47c1e79e7eb7a5a99ca8889d7dbfede5928250ae6c	n/a	Mirai