URLhaus-PL-22eb75dfc037517fc0f62570c77379a708a8769fe654bb7c58177ecb17f3c2ee medium

Description

File type: elf. Size: 44,888 bytes. First seen: 2026-06-19 06:04:45.

• URLhaus: elf Malicious URLs | SOC Hunt Feed
  web:davidgodwinpratt.com

  Hunt Hypothesis The hunt hypothesis detects adversaries using malicious URLs associated with the elf malware family to exfiltrate data or establish command and control. SOC teams should proactively hunt for this behavior in Azure Sentinel to identify and mitigate potential data breaches and lateral movement attempts.

  2026-06-19 08:05 UTC
• URLhaus: elf Malicious URLs | SOC Hunt Feed
  web:davidgodwinpratt.com

  The hypothesis is that the detected URLs are malicious ELF files used by adversaries to deliver payloads or execute code on compromised systems. SOC teams should proactively hunt for these URLs in Azure Sentinel to identify and mitigate potential command and control or data exfiltration activities early.

  2026-06-19 08:05 UTC
• abuse.ch Threat Intelligence Real Time Feed - Spamhaus Technology
  web:docs.spamhaus.com

  A payload gets observed in combination with a URL tracked by URLhaus ; The information on a payload changes for a URL tracked by URLhaus (e.g. malware family associated with a payload ).

  2026-06-19 08:05 UTC
• GitHub - abusech/URLhaus: Open platform for sharing malware ...
  web:github.com

  URLhaus is an open platform for sharing malware distribution sites. This repository provides some sample python3 scripts on how to interact with the URLhaus bulk API.

  2026-06-19 08:05 UTC
• PowerShell Module to retrieve data from URLhaus database - GitHub
  web:github.com

  CacheMinutes - Use with parameter URL or Payload . To prevent unnecessary stress for the online URLhaus API, this parameter defines the time previously retrieved data from the same API endpoint remains cached until the data is fetched from the live API again.

  2026-06-19 08:05 UTC
• URLhaus API — Free Public API | Public APIs Directory
  web:publicapis.io

  Bulk queries and Download Malware Samples Get API details, uptime stats, pricing info, and integration examples for URLhaus .

  2026-06-19 08:05 UTC
• URLhaus | Malware URL exchange
  web:urlhaus.abuse.ch

  URLhaus URLhaus is a platform from abuse.ch and Spamhaus dedicated to sharing malicious URLs that are being used for malware distribution. Report URLs and explore the database for valuable intelligence. Use the APIs, to seamlessly push and pull signals, and automate bulk queries. With this intelligence, gain insights into malware behavior, to help identify, track, and mitigate against malware ...

  2026-06-19 08:05 UTC
• URLhaus | Community API
  web:urlhaus.abuse.ch

  Payload : A payload can be any file (executable, script, document) that harms or infect a computer once downloaded and executed. Some examples: Windows executables, Office documents, PowerShell scripts, Bash scripts, hta, ELF .

  2026-06-19 08:05 UTC

Indicators of Compromise (4)

Each indicator is enriched from the IOC database, threat-intel feed corroboration (Threat Hunt) and VirusTotal. Click one to expand.

References (2)

• Download sample (ZIP, password: infected) URLhaus
• URLhaus payload page URLhaus

Only Available for Registered Users. Sign in to view.