URLhaus Database

You are currently viewing the URLhaus database entry for http://205.237.110.232/proxy/aarch64 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:3885804
URL: http://205.237.110.232/proxy/aarch64
URL Status:flame Online (spreading malware for 3 days, 21 hours, 16 minutes)
Host: 205.237.110.232
Date added:2026-07-13 07:53:24 UTC
Threat:Malware download Malware download
Reporter: abuse_ch
Abuse complaint sent (?): Yes (2026-07-13 07:54:17 UTC to report{at}zetservers[dot]com)
Tags:elf mirai link ua-wget

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2026-07-16n/aelf 79e70f6eeddc2cb6a68a125ce45e985100cb51e35f66a327d97d5fa0e308327cn/a
2026-07-14n/aelf e33b85ce4d37ecdf5ed7c28bbc28af4de1681596f57766dd0ea74bda6eababc1n/aMirai
2026-07-13n/aelf 95f08187d0a5572a0b2efba21b0dae6155d7a1b4a4b17034c768b2fbe920626en/aMirai
2026-07-13n/aelf a339db9dbd6857c951be822bbfbbfd765747ad12cdf17ce184b5dadb9b44bf16n/aMirai
2026-07-13n/aelf 4ee246fed8f027f02603657921e4cc60340ca0f4971139fab528b93f75a5c8e2n/aMirai