URLhaus Database

You are currently viewing the URLhaus database entry for http://213.209.143.64/zerm68k which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3726570
URL:	http://213.209.143.64/zerm68k
URL Status:	Offline
Host:	213.209.143.64
Date added:	2025-12-05 18:23:16 UTC
Last online:	2025-12-19 01:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2025-12-05 18:24:15 UTC to abuse{at}virtualine[dot]org)
Takedown time:	13 days, 7 hours, 19 minutes (down since 2025-12-19 01:43:57 UTC)
Tags:	elf gafgyt mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-12-17	n/a	elf	278ac054a48a876da96c72b249d39cb04e7955efbe847126cec66cc00c2cbfe5	n/a		Mirai
2025-12-17	n/a	elf	98265f19a5dc39c6049063241b296c8dbc9104f122031c8ae30d8ab60c429d76	n/a		Mirai
2025-12-17	n/a	elf	3bcc5cbcfc30f9380af59a93094f9bbfa30aa5051188ae50f2a85750d05cfb94	n/a		Gafgyt
2025-12-16	n/a	elf	44e365fe95ad0c45ffd254d44e67de6022eb751aa0db064616452b7c2eec0d6b	n/a		Gafgyt
2025-12-16	n/a	elf	cf5731a62909f8f133520f356f4a7555a33a42eee5e05e511f7655475c980580	n/a		Gafgyt
2025-12-15	n/a	elf	466ffcd75ecb2bd50892a00cb3080efd6227f9e57f494918882d540624e8afc3	n/a		Gafgyt
2025-12-14	n/a	elf	ae9c8ed1642bc3b8afac4f7d4f074cfdb8aaaf5e2a30767b2fa3e41cf141bf3f	n/a		Mirai
2025-12-13	n/a	elf	26e9a888accc59d766b101af19534f1fc92f1007c82cd0fc2833c369344eb2e8	n/a		Mirai
2025-12-09	n/a	elf	42a946158cdafcee373f6858544a245baa444e929ce7ac9a8354ba183d790c74	29.69%		Mirai
2025-12-07	n/a	elf	dcd75743bdc49d77a6b5b795d40a749aeee1c2a0022216640429b6595eba5b9b	n/a		Mirai
2025-12-05	n/a	elf	e4516536f3f2d6b05853adf10737a56269a0aabc022117e0708c6cedd0303ce2	n/a		Mirai