URLhaus Database

You are currently viewing the URLhaus database entry for http://158.94.208.69/arm5 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3778378
URL: http://158.94.208.69/arm5
URL Status:Offline
Host: 158.94.208.69
Date added:2026-02-15 17:03:08 UTC
Last online:2026-02-22 13:XX:XX UTC
Threat:Malware download Malware download
Reporter: botnetkiller
Abuse complaint sent (?): Yes (2026-02-15 17:04:10 UTC to abuse{at}omegatech[dot]sc)
Takedown time:6 days, 20 hours, 0 minutes Bad (down since 2026-02-22 13:04:27 UTC)
Tags:arm elf geofenced mirai link ua-wget USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2026-02-20n/aelf 07dda2df14aba27bd8442744ce6833e521176a95805429b4195b9a534045d072n/aMirai
2026-02-20n/aelf eda8edb773768ab542bde8abdcaa4002933bd2e27ccd80a2d81174d879fca3d3n/aMirai
2026-02-18n/aelf 07aaca5fee5bc2b347ab6d4ea1852aa68fbf4697cae52ae0b5bc12a864cfbb4en/aMirai
2026-02-17n/aelf fb7545286a90fd3c7975022015b040d9580681323f037d4ea992f40b26f378c0n/aMirai
2026-02-17n/aelf baeafd62fb175fc3e1c6e96b9d3025c9e1f3161cc831e4cc3ee814f924212ba5n/aMirai
2026-02-17n/aelf 7fbd8b70c4ec11802a8a4e9b857278bf81e4f57ad278f3309a87726f2b79fce6n/aMirai
2026-02-17n/aelf 7034dc45a7f8bb126b34319282e49b9ab145f7bdf0a144b861037abfc00e4f55n/aMirai
2026-02-16n/aelf 884cfce6639aef2af9ea3dabeabdac283d46e96d00a1bb660bc2a5aab8969f40n/aMirai
2026-02-16n/aelf 41454808ede0813cf88029de260e9d2827f91b7af2476faf4a2fe4757f8469c0n/aMirai
2026-02-15n/aelf 00def227563541e149047cdbbf610401cbce51c60cec8d3b4c1d1ef77d6869c2n/aMirai