MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 246220e2eed88df1752483e6c0562a8237dff2c5b96e5dfc6b633aba3455b186. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 246220e2eed88df1752483e6c0562a8237dff2c5b96e5dfc6b633aba3455b186
SHA3-384 hash: 225db959c520344441aeed9839df2f8c803f53f22b5b64bf216529581fcc6873d95ad0bd86a4da3ceeeb6f33c93f9dea
SHA1 hash: f674eddf888c59d01496387b11c832535dcc6976
MD5 hash: c65031d0053d6cfa38417eb215ab499a
humanhash: solar-artist-oven-thirteen
File name:wert
Download: download sample
Signature Mirai
Create hunting rule
File size:759 bytes
First seen:2025-01-20 21:17:23 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 12:DSfjrn+wLcn8kFu2erXuwVrX3HG90qrXdJDrXH/s0wnT60bmQwQp:UmmJkFEBnHG9Jt10+JEp
TLSH T1F901D2CD4AD03741043E6CF6B5B248251142CBCCB2BF5BCAEE5B463889D36507538F86
Magika txt
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://193.143.1.54/nabx86f98d4e91255704c682357e6f154b46d2d304a125dc37e05dacbbe9a54acf6fe5 Mirai501 censys elf mirai ua-wget
http://193.143.1.54/nabmips464b767532880910ad5a615225792238f340f8c020f31599b39bc1e3fc97209d Mirai501 censys elf mirai ua-wget
http://193.143.1.54/nabmpsl5a188fb57cf62e7accc4eca0e37b7ccdec300c6c966dec2531b4e5bd745f369d Mirai501 censys elf mirai ua-wget
http://193.143.1.54/nabarmffe4b4ff099a31da367a0360163f2bde0d1efbdd6743fc7bf17f327c75f9a723 Mirai501 censys elf mirai ua-wget
http://193.143.1.54/nabarm588894ed9b6f7cc1c27ad76365efb8bdcabdc2a3010a79a9d3a740ffa275123c1 Mirai501 censys elf mirai ua-wget
http://193.143.1.54/nabarm62b7e7f9f0f86bbf70b01a526c11e745350d20675e6766bb9e0dfc4b5350f7408 Mirai501 censys elf mirai ua-wget
http://193.143.1.54/nabarm7d08bbb8bdf7ad6597616cef31af12c1c73b0cb138b60bd084b8e89bbee0cfc3a Mirai501 censys elf mirai ua-wget
http://193.143.1.54/nabppc7f2cd5c62a93df35daca4ab57e03a4f0fa0508618a12276a7645c5d1c9afd24a Mirai501 censys elf mirai ua-wget
http://193.143.1.54/nabm68k590e09f8ce567df67f57bbb06b8feb9abe9d77d97216dc7e4aaa279bd2e21f4a Mirai501 censys elf mirai ua-wget
http://193.143.1.54/nabsh48e80bfda3e781b174d629a490fb13ed523ef95ac1008597a4fc8c9f91ba2eabf Gafgyt501 censys elf gafgyt ua-wget

Intelligence

File Origin
# of uploads :
1
# of downloads :
109
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Malicious
Score:
93.3%
Link:
https://cyber-fortress.com/docs/result/index.php?id=678f4e49b5602ee8cdae3ee7linux22vpnfull_triage
Tags:
shellcode mirai virus
Verdict:
Suspicious
Threat level:
  5/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/678ebd9717177fed56b489fa/reports/6f828013-7884-4493-8f09-d1665ed68252/overview
Verdict:
Malicious
Labled as:
HTML/ExpKit.Gen2
Link:
https://www.hybrid-analysis.com/sample/246220e2eed88df1752483e6c0562a8237dff2c5b96e5dfc6b633aba3455b186
Result
Verdict:
UNKNOWN
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/246220e2eed88df1752483e6c0562a8237dff2c5b96e5dfc6b633aba3455b186
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/246220e2eed88df1752483e6c0562a8237dff2c5b96e5dfc6b633aba3455b186/
Threat name:
Document-HTML.Downloader.Heuristic
Create hunting rule
Status:
Malicious
First seen:
2025-01-20 21:11:04 UTC
File Type:
Text (Shell)
AV detection:
9 of 24 (37.50%)
Threat level:
  2/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=errcbyxo3cg7c5jeqptmavrkqi3574wfxfxf37dlmm5luncvwgda._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/246220e2eed88df1752483e6c0562a8237dff2c5b96e5dfc6b633aba3455b186

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 246220e2eed88df1752483e6c0562a8237dff2c5b96e5dfc6b633aba3455b186

(this sample)

Mirai

elf f98d4e91255704c682357e6f154b46d2d304a125dc37e05dacbbe9a54acf6fe5

  
URLhaus
https://urlhaus.abuse.ch/url/3407603/
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3407703/
  
URLhaus
https://urlhaus.abuse.ch/url/3407858/
  
URLhaus
https://urlhaus.abuse.ch/url/3407861/
  
URLhaus
https://urlhaus.abuse.ch/url/3407898/
  
URLhaus
https://urlhaus.abuse.ch/url/3407998/
  
URLhaus
https://urlhaus.abuse.ch/url/3408126/
  
URLhaus
https://urlhaus.abuse.ch/url/3408132/
  
Dropping
MD5 34e8d23d10066f1c96cabd921dc8dcac
  
Dropping
SHA256 f98d4e91255704c682357e6f154b46d2d304a125dc37e05dacbbe9a54acf6fe5

Comments