URLhaus Database

You are currently viewing the URLhaus database entry for http://cnc.504.su/sparc which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3740239
URL: http://cnc.504.su/sparc
URL Status:flame Online (spreading malware for 2 days, 2 hours, 6 minutes)
Host: cnc.504.su
Date added:2025-12-22 15:23:21 UTC
Threat:Malware download Malware download
URLhaus blocklist:Blocked
Spamhaus DBL :Abused domain (malware)
SURBL :Blocked
Quad9 :Blocked
AdGuard :Blocked
Cloudflare :Blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Blocked
DNS4EU :Blocked
Reporter: BlinkzSec
Abuse complaint sent (?): Yes (2025-12-22 15:24:19 UTC to abuse{at}lanedo[dot]net)
Tags:botnetdomain elf mirai link ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-12-24n/aelf e9ae4f7aca236d739bdf6dfa67433868c9ad457052aa6d624740d7971144dd20n/a
2025-12-24n/aelf 8355eb6efe92453baec32ebcd98f6a21740bc184f2a4a6f9500ad8f64a2d6fe4n/a
2025-12-24n/aelf 15d20d99330f147baa22ba36270382d25c05a52285dffcf73bfa6510bba2094dn/aMirai
2025-12-23n/aelf 7c1ce6058dd3e5c26b74c027c353ca2f02dcf2b05faca4f07e4dc5530a874ef5n/aMirai
2025-12-23n/aelf b696b4ecb614520f3e1b23b32e6e4ccc3a1c9b8eccb705d2e8745308e33eff47n/aMirai
2025-12-22n/aelf 3ccaefb4a9cb7a8785f85b20c02627adff44be58567f9dca1a0e4073d45f23ddn/aMirai
2025-12-22n/aelf 991c6e36ff3aae94347c64ccdcf66faf3f8daadcc0f5bce3c9db17fcdbfc27b3n/aMirai
2025-12-22n/aelf 5495a81fbd02cfe75bbc9b5a41b8d82ab1f4158d8af1bbed42e71493c50e31fan/aMirai