MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 15a052bbb7094ac716409fda61f72dc816ddf18988ff2991c92de2ff509dfc15. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 6



SHA256 hash: 15a052bbb7094ac716409fda61f72dc816ddf18988ff2991c92de2ff509dfc15
SHA3-384 hash: 8568b59c71e06f00c2747cb0949c598a96c32680f1a2ff2002c4e840aaae4c82d6aa15b0a1ebe402a206ab1453527d0f
SHA1 hash: 465a21da945cfe72ad1aff84662db8cb784eda7a
MD5 hash: 2aa7ccea42964b3ba190c21d7aae35eb
humanhash: kansas-hydrogen-london-texas
File name: ah
Signature: Mirai
File size: 439 bytes
First seen: 2025-02-11 18:26:30 UTC
Last seen: Never
File type: sh
MIME type: text/plain
ssdeep: 12:4Ae6949dJ3+qEoy4gZesFrFBEGgbu+yfuT+JF8EpASLye:E6a9X+FmWrTBEGjTuyLpvR
TLSH: T1CEF0A01DF10C8BFFA416498E6EA939ED611E9198DA8F1F54A9B81D1A7489D685180022
Magika: shell
Reporter: abuse_ch
Tags: mirai sh

Intelligence


File Origin
# of uploads: 1
# of downloads: 93
Origin country: DE
Vendor Threat Intelligence
Verdict: Likely Malicious
Threat level: 7.5/10
Confidence: 100%

Result
Verdict: MALICIOUS
Threat name: Script-Shell.Trojan.Geninst
Status: Malicious
First seen: 2025-02-11 18:23:22 UTC
File Type: Text (Shell)
AV detection: 12 of 24 (50.00%)
Threat level: 5/5

Result
Malware family: n/a
Score: 8/10
Tags: discovery
Behaviour
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates physical storage devices
System Location Discovery: System Language Discovery
System Network Configuration Discovery: Internet Connection Discovery
Downloads MZ/PE file

Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 15a052bbb7094ac716409fda61f72dc816ddf18988ff2991c92de2ff509dfc15 (this sample)

Delivery method: Distributed via web download
