MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 48c914a44d5006edee84d550ad9ba6007549f7af27b2e683a61f297e9589235b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 48c914a44d5006edee84d550ad9ba6007549f7af27b2e683a61f297e9589235b
SHA3-384 hash: c48fa32d3a71bcbd93644661e9927f3d0c1622bc3dd4fd6e1efda6c42640f5b049567e040831b544307a12fea39c4209
SHA1 hash: b66153f57f5af6477f70ea2d3283921e0a85d67e
MD5 hash: 63d44ea373fcdb87c5c3b54629965170
humanhash: sink-magazine-mountain-mike
File name:hell.sh
Download: download sample
Signature Mirai
Create hunting rule
File size:450 bytes
First seen:2025-12-05 18:24:10 UTC
Last seen:2025-12-07 00:10:29 UTC
File type: sh
MIME type:text/plain
ssdeep 12:fXhfLK6zXS1QWhlaLaNghqhSNIE62SfhRHGZyhMy/r:fRDK6zXAQMlaLaNg2SNIL3RHbMyj
TLSH T174F037FD002FDF67C1584E19B061A03BB13247DE25E2C78DAFC5741AB64D510B272D11
Magika batch
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://213.209.143.64/splarm716363496c05fe7ba8373d58f349a1dc8d037ac665942ead0fec348dd9df7a500 Miraicensys elf mirai ua-wget
http://213.209.143.64/splarm574667b2147b1c66d8d72fa2ea8a92e8403617f2d8cdb26e17b30a5da51aa0d58 Miraielf mirai ua-wget
http://213.209.143.64/splarm62e8928cc1c43c7074aaf2e7863e4fd5243705477345f40df4c51beeec9022497 Miraielf mirai ua-wget
http://213.209.143.64/splmips7057cc44a140433a4b662626a7bc81638ff06db4bbbcbf0d80fe11650a17a132 Miraielf mirai ua-wget
http://213.209.143.64/splmpsl2d7050a46a7f2cbf557a6b5e03b0ec750d8eff591c5eba7060307c063ab1e2e0 Miraielf mirai ua-wget

Intelligence

File Origin
# of uploads :
2
# of downloads :
34
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Tags:
evasive mirai
Link:
https://www.filescan.io/uploads/6933236bbc15eab491f57caf/reports/ae53edac-f889-4b5a-a2bd-32c84fda6d1f/overview
Verdict:
Malicious
File Type:
text
First seen:
2025-12-05T16:58:00Z UTC
Last seen:
2025-12-06T06:56:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/48c914a44d5006edee84d550ad9ba6007549f7af27b2e683a61f297e9589235b/results?tab=lookup
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/48c914a44d5006edee84d550ad9ba6007549f7af27b2e683a61f297e9589235b
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/48c914a44d5006edee84d550ad9ba6007549f7af27b2e683a61f297e9589235b/
Threat name:
Document-HTML.Downloader.Heuristic
Create hunting rule
Status:
Malicious
First seen:
2025-12-05 18:28:23 UTC
File Type:
Text (Shell)
AV detection:
8 of 37 (21.62%)
Threat level:
  2/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=jderjjcnkado33ue2vik3g5gab2ut55pe6zona5gd4ux5fmjennq._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/251205-w4mncsh14c/
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/48c914a44d5006edee84d550ad9ba6007549f7af27b2e683a61f297e9589235b

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 48c914a44d5006edee84d550ad9ba6007549f7af27b2e683a61f297e9589235b

(this sample)

Mirai

elf 4cb082a8c97e22c41d2bdace84f90f8ee158ddb0312f442bbe6f883516e3b640

  
URLhaus
https://urlhaus.abuse.ch/url/3726510/
  
Delivery method
Distributed via web download
  
Dropping
MD5 1821b583ce3dcdaaa872aabcff014bd1
  
Dropping
SHA256 4cb082a8c97e22c41d2bdace84f90f8ee158ddb0312f442bbe6f883516e3b640
  
URLhaus
https://urlhaus.abuse.ch/url/3727681/

Comments