URLhaus Database

You are currently viewing the URLhaus database entry for http://31.58.226.146/nuts/poop which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3848486
URL: http://31.58.226.146/nuts/poop
URL Status:flame Online (spreading malware for 10 days, 10 hours, 20 minutes)
Host: 31.58.226.146
Date added:2026-05-17 04:28:09 UTC
Threat:Malware download Malware download
Reporter: botnetkiller
Abuse complaint sent (?): Yes (2026-05-17 05:08:14 UTC to abuse{at}cloudbackbone[dot]net)
Tags:CoinMiner elf ua-wget x86

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2026-05-24n/aelf d1e35e315b645436930b40fd753983401ac5f1f918b77be6ecf6f6d4251e30fen/a
2026-05-22n/aelf eccdaccbd3d947dcff8d6ffd62e2b95b5f62ea62189275d631968903cf88c793n/a
2026-05-22n/aelf 6c7eaa5ac6414f71c4215503ca4b19fd379235f593a51eff299cad04779df1fan/a
2026-05-21n/aelf 545910e1e32aa54fa35baecea2cbe4d4b7433531bbc7d30962888ca4485b5159n/a
2026-05-21n/aelf 7b3b896739b4ec09f361797c60fd68b3a02d71ecbad7c51254d67ebf3817e3ban/a
2026-05-20n/aelf e19a5b0198331c5905d76726290f97da3d9e25b614b6ca814ccea9996f162c58n/a
2026-05-20n/aelf 0b26297bcc18752aa239926fdd62c823ec5db618b409e6467c3c42fb2d1430ben/a
2026-05-20n/aelf 264e4565f6a5802f0a7107c3cd73642ec41fb05e277961cdaadbc0fa726aa49bn/a
2026-05-17n/aelf dda77b783c7f94aa54fc0c73653f644b5f8effb02933f3cc778861e5b0ebbb69n/a
2026-05-17n/aelf 7d6032764df8e706c458e663e5501ce627e4f2985c16ea61e299f2ac429cbcc9n/aCoinMiner