URLhaus Database

You are currently viewing the URLhaus database entry for http://213.209.143.64/zermpsl which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3726584
URL: http://213.209.143.64/zermpsl
URL Status:Offline
Host: 213.209.143.64
Date added:2025-12-05 18:23:19 UTC
Last online:2025-12-17 23:XX:XX UTC
Threat:Malware download Malware download
Reporter: abuse_ch
Abuse complaint sent (?): Yes (2025-12-05 18:24:15 UTC to abuse{at}virtualine[dot]org)
Takedown time:12 days, 5 hours, 25 minutes Bad (down since 2025-12-17 23:49:46 UTC)
Tags:elf mirai link ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-12-17n/aelf b1ee0fe9064f62c1674ed8afbeb6d175feec0ce7bb61213e3cc5e66059e7b88cn/aMirai
2025-12-17n/aelf 6df6c474e07e0933173e44adb9434781766bd121aeed0b78157f4a031894fb13n/aMirai
2025-12-16n/aelf 3de21fca923b53f5f10d8a5046e5c7548522572ec1f025ac83cd5b127c1e1628n/aMirai
2025-12-16n/aelf b470978163ab946eab5a157fbca460afbbfb2d8504188e77499f979e15467b98n/aMirai
2025-12-15n/aelf c3290a5545e4b5c0b6f749652b62142c988a44e9062a24b929cbbd618a9dfeb2n/aMirai
2025-12-15n/aelf 9ec4c9520f01f69fcb0174f7d1dc43b2906ee1eca0dd6479869b010d4b21f855n/aMirai
2025-12-14n/aelf 380bdacb8d97dffc072b174281e49bf343d7bedfb35f306375b5d85cc981d269n/aMirai
2025-12-13n/aelf 0aa5ee09aacde092639f9851b468ce26b431e4950ce0014bb30eb0f1bd60f128n/aMirai
2025-12-09n/aelf 957d34c75d6dbf72c05f20ffdb9589c58c66dce41b521fb2e714a190c1b9592an/aMirai
2025-12-07n/aelf d601648e9899e851aeed28f8647b34e99568d2db7ec355b1bb006a13ef3193a8n/aMirai
2025-12-05n/aelf 5745815ce0145c5fe6ea287c6f86381ae72ba9d141f64412877f7c3bd4ad0dfdn/aMirai