URLhaus Database

You are currently viewing the URLhaus database entry for http://158.94.208.69/arm4 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3778380
URL: http://158.94.208.69/arm4
URL Status:Offline
Host: 158.94.208.69
Date added:2026-02-15 17:03:08 UTC
Last online:2026-02-22 13:XX:XX UTC
Threat:Malware download Malware download
Reporter: botnetkiller
Abuse complaint sent (?): Yes (2026-02-15 17:04:10 UTC to abuse{at}omegatech[dot]sc)
Takedown time:6 days, 20 hours, 1 minutes Bad (down since 2026-02-22 13:05:53 UTC)
Tags:arm elf geofenced mirai link ua-wget USA

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2026-02-20n/aelf 5205d6ba7f178eef4f5bf57bed13f771baf0746d2508e936f0c065436daaeb2fn/aMirai
2026-02-20n/aelf 198a4749e76f1e711c92a09eac82df93038f504fee00b39985b817a510ba6d0bn/aMirai
2026-02-20n/aelf fe842fa0501b400284e16e101478c1e33c846145079227aa9c9ad499dbc7158fn/aMirai
2026-02-18n/aelf 074e3c2812afb7695b269df9c010f7208e50188648e5bf2c0eeb2b7b6ea01c5dn/aMirai
2026-02-17n/aelf 0ce6493de469904419813da8d187ea8c128ff0ce08c3fbe6306afaf9ca740ae0n/aMirai
2026-02-17n/aelf ce4c985feddaa9010c0425facf2b1545d7e4abccb11884fc7bde1d16db2098f7n/aMirai
2026-02-17n/aelf 88683bda10a8e51d73a72f596a3f05ed6b44aa1a56fc758db66cdc55fdbda4c4n/aMirai
2026-02-17n/aelf f5c16837aaba4998ef0694bc143c8b9d32fd4dacd87083821ff42f72ccb7d4b8n/aMirai
2026-02-16n/aelf 2794c0c0323058fd26978e492749979a6df335167cb6cebe9ad21de6de4ce72fn/aMirai
2026-02-16n/aelf 4e77f66a0d6aea463c35eaaeb9d1c3bfb8ec990a777768111e2423085d50b0fen/aMirai
2026-02-15n/aelf 8e588b95c688f0cd54d687c684cf10c86fa6f65c8359a3e5355dc3cf77272897n/aMirai