URLhaus Database

You are currently viewing the URLhaus database entry for http://jbrj92scltrbtv7mzejvmovw.duckdns.org/hiddenbin/boatnet.arm7 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	3828859
URL:	http://jbrj92scltrbtv7mzejvmovw.duckdns.org/hiddenbin/boatnet.arm7
URL Status:	Offline
Host:	jbrj92scltrbtv7mzejvmovw.duckdns.org
Date added:	2026-04-22 16:48:14 UTC
Last online:	2026-05-01 12:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Blocked
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Not blocked
Reporter:	BlinkzSec
Abuse complaint sent (?):	Yes (2026-04-22 16:49:14 UTC to abuse{at}stormindustries[dot]llc)
Takedown time:	8 days, 19 hours, 31 minutes (down since 2026-05-01 12:20:29 UTC)
Tags:	botnetdomain jbrj92scltrbtv7mzejvmovw-duckdns-org mirai ua-wget

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2026-05-01	n/a	elf	d0e0a149b4a2acb3355bd40a94a0340bfda490e752709c2a58ec2132fbe49d18	n/a	Mirai
2026-04-30	n/a	elf	0f2568af829c7ef2302df08f001dc04348cb7dae05504a362ae1f0667c3789f0	n/a	Mirai
2026-04-29	n/a	elf	4d5c4f63753481fa580d38eff8ada32cb0ff32f0ded97313bb15a163f25fabd5	n/a	Mirai
2026-04-28	n/a	elf	e8d2e5f04ea161a44be933d81609a2e6e05d31f7b28281562fc76969cab7e207	n/a	Mirai
2026-04-27	n/a	elf	91a48451d767181ce03a62977eedbb448c491759d310ff094fb4befdf495966c	n/a	Mirai
2026-04-22	n/a	elf	9b7d8010b3a117f1944b2bae246c150b008c65d3a5d76346a78a18ad6bce3080	n/a	Mirai