URLhaus Database

You are currently viewing the URLhaus database entry for http://187.26.2.136:33796/Mozi.m which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	670923
URL:	http://187.26.2.136:33796/Mozi.m
URL Status:	Offline
Host:	187.26.2.136
Date added:	2020-10-08 16:37:04 UTC
Last online:	2020-10-10 03:XX:XX UTC
Threat:	Malware download
Reporter:	lrz_urlhaus
Abuse complaint sent (?):	Yes (2020-10-08 16:38:11 UTC to abuse{at}lacnic[dot]net)
Takedown time:	1 day, 10 hours, 43 minutes (down since 2020-10-10 03:21:33 UTC)
Tags:	elf mirai Mozi

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-10-10	n/a	elf	62ca0941feb862a5bb319cb3dbe184c53306306f4d613458d7e081adb18b587d	20.00%
2020-10-10	n/a	elf	e879355b302be3fef5f4853a849d6d9446c65f6a222032b7ec62cd1338fd75b7	22.03%
2020-10-09	n/a	elf	35d3d77484c21c2bf0dca947ffec3fae8776fadda58d4bdcf1543665501bf878	18.03%
2020-10-09	n/a	elf	9235b8e7a4a555ec210c8a85f1982dcb96b97bcce03f9fb8c3ed2215e66c7355	20.00%
2020-10-09	n/a	elf	fcc2d5b47faf70344b5e1ebcaf82288d82d294de8f3ac6a4d5522db0eb13fbb5	n/a
2020-10-09	n/a	elf	fc0bb65fbeef7e034a38a68b0bd9b73511d9126fe8fa262642a885db3e54c768	20.00%
2020-10-08	n/a	elf	9e0a15a4318e3e788bad61398b8a40d4916d63ab27b47f3bdbe329c462193600	61.02%	Mirai