URLhaus Database

You are currently viewing the URLhaus database entry for http://176.65.139.59/hiddenbin/boatnet.x86_64 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3809124
URL:	http://176.65.139.59/hiddenbin/boatnet.x86_64
URL Status:	Online (spreading malware for 1 month, 2 days, 6 hours, 36 minutes)
Host:	176.65.139.59
Date added:	2026-03-31 12:21:18 UTC
Threat:	Malware download
Reporter:	BlinkzSec
Abuse complaint sent (?):	Yes (2026-03-31 12:22:18 UTC to abuse{at}stormindustries[dot]llc)
Tags:	elf gafgyt mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2026-05-02	n/a	elf	84de113f126e4d984b9380f8ec56b8e733d4f9e4415b5de2962fa9b48a3677d3	n/a	Gafgyt
2026-05-02	n/a	elf	6a63b828e08d3de36d9b3996b706bee865ee4fe1c44483b9d0e12b5b6411540b	n/a
2026-05-01	n/a	elf	79829515f86d7fa635c0344e891dd3139db8cf2154c3936b6edc6acf19d97451	n/a
2026-05-01	n/a	elf	925bc2c66a91a746962cf13f4d8f51bfc0297da9e20d878f2d064fe55c648306	n/a
2026-04-29	n/a	elf	519dfc20fd53aa8a5a81e1f86323b266f1b35ca05de6a05ef71cd15c06c7cadf	n/a	Mirai
2026-04-27	n/a	elf	85e8c28536f6c8e7135ff25d97045e834c9bc4e163bd7ec5f81bc56037b4b58a	n/a	Mirai
2026-04-24	n/a	elf	ba47ee9911c3745c82159bf64d2f419c6f46a5083a8766d79ad596909d7764da	n/a	Mirai
2026-04-23	n/a	elf	9402444c99fccff14a6d2c13cc045002f8a1faab4fff9d4bd61039dd4cf7e1ea	n/a	Mirai
2026-04-19	n/a	elf	e275e7547d47bbbab2915bbefa04595e111f4950b44d16c857820e8e996370d6	n/a	Mirai
2026-03-31	n/a	elf	36283e93299fb13567ff63d1ba6f1ae5a54a345473a6c30263ad45f61b2eb4b8	n/a	Mirai