URLhaus Database

You are currently viewing the URLhaus database entry for http://103.75.219.50:44365/Mozi.a which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	812695
URL:	http://103.75.219.50:44365/Mozi.a
URL Status:	Offline
Host:	103.75.219.50
Date added:	2020-11-13 05:04:59 UTC
Last online:	2021-01-30 11:XX:XX UTC
Threat:	Malware download
Reporter:	lrz_urlhaus
Abuse complaint sent (?):	Yes (2020-11-13 05:06:02 UTC to Abuse{at}northtelecom[dot]com)
Takedown time:	2 months, 18 days, 6 hours, 12 minutes (down since 2021-01-30 11:18:40 UTC)
Tags:	elf mirai Mozi

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-01-14	n/a	elf	63346a1f25e63f299201d0c0d9a20f32f127f8accc83030cab7c8add2f37bf6a	61.90%
2021-01-13	n/a	elf	f6645b4590b974e3c52db619a8c65a52d0a6671a73cf991a59e17725262c230d	n/a
2021-01-12	n/a	elf	94d30f5a8741ecc85838aa320ace7b803d614cd6705e36c77604ec8d22bbdf25	n/a
2020-12-23	n/a	elf	620d2c6402bdfac5ea7cad40141a40861c1ee30773e76c84a90f0fcb2831f7a9	n/a
2020-12-18	n/a	elf	444fea053f6bb0a52c2b105eea5f325d24cd668a161bfea963b692b4d94d426a	n/a
2020-11-14	n/a	elf	936f91df2a8e38ebcff2b6b515b4201b7ca0527e3c8c145fd124449d7050400e	n/a
2020-11-13	n/a	elf	12013662c71da69de977c04cd7021f13a70cf7bed4ca6c82acbc100464d4b0ef	69.84%	Mirai