MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 55b360eff950639ca3a9444a9612e86da67175f3b74f5585842d4dd30a2b40f8. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 55b360eff950639ca3a9444a9612e86da67175f3b74f5585842d4dd30a2b40f8
SHA3-384 hash: 14901748f2f9d3c81c3716498180e0165286458a7ef6bbe005004cb7a85cd6e2f28098557ca842d5cf6eb6f50ba7a7cd
SHA1 hash: a43bdb95b0a70b1ad2cacd98bbc63210241a68a6
MD5 hash: e9c7ca2799401cf605275512d531093e
humanhash: enemy-angel-lima-pennsylvania
File name:pdvr
Download: download sample
Signature Mirai
Create hunting rule
File size:759 bytes
First seen:2025-02-26 19:48:46 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 12:yY1OT3H8BuOE3HPq6PYdUNdNGQOm3dTa3drr6Y0voZFSpJ:p238Bux3+qNGQ3NTSyHwfc
TLSH T19E010CC91AE13B1E88586D2FB395C82E50849B4CB87B47C5F9C72939E6C59413035FAB
Magika txt
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://46.19.143.10/jklx8628bb529e99c8730de533d64995979a491d6af643ddcd99997788ff945dc6b426 Miraimirai opendir
http://46.19.143.10/jklmips6fc1f441c08b49ceb3083fa2a201d424c5282ec7a5cd2431bd017490ba2b23de Miraimirai opendir
http://46.19.143.10/jklmpsl0ee587fea341d9da43777102b508c6017d29ad537594afa596e042d4ecd67cf8 Miraimirai opendir
http://46.19.143.10/jklarmfc96aa360ca3f3318444f338f9131a9a43c00beb3e812e639cfe80f07219c9a7 Miraimirai opendir
http://46.19.143.10/jklarm5270336c1d58b1ffaa8ebba18d47d73c2451fa149194f37cc44e980ac96cf1443 Miraimirai opendir
http://46.19.143.10/jklarm6906399d69e39253d0551c6bf9c59451b2ee12e5e7e8ac557040b38c6b813e711 Miraimirai opendir
http://46.19.143.10/jklarm7494100c806fe62f35ed5c3be8beff7469d490f0ab1f0bb7e48cff5ee2338c704 Miraimirai opendir
http://46.19.143.10/jklppcb825d7abc8614fc03e79be548c6ef93dd9f759e6713e2b4a7a7f596edf43aeb8 Miraimirai opendir
http://46.19.143.10/jklm68k50f4f9c94f0a96aead95a0ca2866a99bda3d3f9d8c2360a02bd993dfc37c5f2a Miraimirai opendir
http://46.19.143.10/jklsh4ba7faa58d615bd5f4ebaaf7f42b7fe484639b7a0a96217c541b592837899d4e7 Miraimirai opendir

Intelligence

File Origin
# of uploads :
1
# of downloads :
75
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Malicious
Score:
97.4%
Link:
https://cyber-fortress.com/docs/result/index.php?id=67c001df28ab76d43a5da633linux22vpnfull_triage
Tags:
phishing mirai
Verdict:
Unknown
Threat level:
  10/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/67bf7058e95d0f9029e06c8f/reports/1446ff0b-10fc-4f46-95a2-f56de88cc8ad/overview
Verdict:
Malicious
Labled as:
HTML/ExpKit.Gen2
Link:
https://www.hybrid-analysis.com/sample/55b360eff950639ca3a9444a9612e86da67175f3b74f5585842d4dd30a2b40f8
Result
Verdict:
UNKNOWN
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/55b360eff950639ca3a9444a9612e86da67175f3b74f5585842d4dd30a2b40f8
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/55b360eff950639ca3a9444a9612e86da67175f3b74f5585842d4dd30a2b40f8/
Threat name:
Document-HTML.Downloader.Heuristic
Create hunting rule
Status:
Malicious
First seen:
2025-02-26 20:00:24 UTC
File Type:
Text (Shell)
AV detection:
9 of 38 (23.68%)
Threat level:
  2/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=kwzwb37zkbrzzi5jirfjmexinwthc5ptw5hvlbmefvg5gcrlid4a._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/55b360eff950639ca3a9444a9612e86da67175f3b74f5585842d4dd30a2b40f8

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 55b360eff950639ca3a9444a9612e86da67175f3b74f5585842d4dd30a2b40f8

(this sample)

Mirai

elf f373c7b87b0ed7bddefbcb25623e60f9e1da7e6900a0553c435cdd91fbf5b383

  
URLhaus
https://urlhaus.abuse.ch/url/3458307/
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3458342/
  
URLhaus
https://urlhaus.abuse.ch/url/3458369/
  
URLhaus
https://urlhaus.abuse.ch/url/3458441/
  
URLhaus
https://urlhaus.abuse.ch/url/3458698/
  
URLhaus
https://urlhaus.abuse.ch/url/3458783/
  
Dropping
MD5 1fee4f85de36e4039a855de319da7c0b
  
Dropping
SHA256 f373c7b87b0ed7bddefbcb25623e60f9e1da7e6900a0553c435cdd91fbf5b383

Comments