URLhaus Database

You are currently viewing the URLhaus database entry for http://187.68.36.28:36382/Mozi.m which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	827843
URL:	http://187.68.36.28:36382/Mozi.m
URL Status:	Offline
Host:	187.68.36.28
Date added:	2020-11-17 23:51:57 UTC
Last online:	2020-11-25 12:XX:XX UTC
Threat:	Malware download
Reporter:	lrz_urlhaus
Abuse complaint sent (?):	Yes (2020-11-17 23:52:15 UTC to abuse{at}lacnic[dot]net)
Takedown time:	7 days, 12 hours, 15 minutes (down since 2020-11-25 12:07:55 UTC)
Tags:	elf mirai Mozi

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-11-24	n/a	elf	daaf15d5d51ec4a54e072691c15fc39a544a53658a63d4c7b06a2070ee76cc60	25.42%
2020-11-24	n/a	elf	6248be254613b9c0c1683692544c69f0bda6bc0f9bcc347f67b99044e37c2597	28.57%
2020-11-24	n/a	elf	20439d664909598a79849e5504f7e645edc0561dbe1bcea1bc0848310de3ded7	26.67%
2020-11-24	n/a	elf	bc9c53e558f0b1d88db9eb412e0df469c4330e2e31d3c934fb5b305f56e12ce8	24.56%
2020-11-24	n/a	elf	152a4692267842dd5fea26ad7def50d40df6a6785bc0eb6c15c2d9a0f5417dfb	27.87%
2020-11-24	n/a	elf	a8a49eb4cd41761fe6e28ff6b08ce6ddae0a38b2572b741ce77a5fe81a914c2f	19.67%
2020-11-23	n/a	elf	2ae391eb78447eec12c8a0cf227ab42a78c21d196ebc222cd16aade22b04a5e0	29.51%
2020-11-21	n/a	elf	a5311bb86dc6eb66bb515811c41d80438db0cc6ce1c58172195d3e076761084b	n/a
2020-11-21	n/a	elf	c13846be94bbc18f5e35602c608a0e23a9d4e6b870cce86f4ff23572338a8e5f	21.31%
2020-11-21	n/a	elf	8a98761315a40aee09015ab5e04d671d4449a240f3f4dead3c6afbe3956f69fc	20.00%
2020-11-21	n/a	elf	66e6665f167383f8a481efd8d6351f0f4aefab6fef2d3472138bd0e9f769baab	29.51%
2020-11-21	n/a	elf	a215a991b5497e3ffcaf0d0966cd6a101ab8b3b257ef3313a309257f63768c0c	26.67%
2020-11-21	n/a	elf	99b61eef3778d39ef34aed58b5f015e437b68389e2045fc57563a1518cbb2bc5	20.00%
2020-11-21	n/a	elf	bfc944f0cc51510118b513cd2e2a190bb17eced364a5331cd29a710e478576af	20.00%
2020-11-21	n/a	elf	98622d21c7d278e151fac38f78fdd0176f915c64304a042d7e49ef17f156583a	26.79%
2020-11-20	n/a	elf	894d24eef208a56d2c4dec1a364ef975ac5705795b9648b5c77e6c758ea1ba59	27.12%
2020-11-18	n/a	elf	b166bc82910d789636ad8c67da27acaec85b575bd669f34cb3c2f3bf6f3bf89f	20.00%
2020-11-18	n/a	elf	41d065d98ade5747a36b860406b99205fe495258b4cb68aa16ce30b1c2386b86	n/a
2020-11-18	n/a	elf	78faa7c818b75ee22e3dc446e2d1d311d2c01d0d3a0f5a23793b1a6331e9dd0c	19.67%
2020-11-18	n/a	elf	53e6c6c9c94a201dfd04d1ac47401cdb032bdb520f019fa333946383be97f41a	30.91%
2020-11-17	n/a	elf	9e0a15a4318e3e788bad61398b8a40d4916d63ab27b47f3bdbe329c462193600	63.49%	Mirai