MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a896fbc9f57762aca71073f9398d8bdcbc359cedcf57073f72b0d89f2b8218cb. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 6



SHA256 hash: a896fbc9f57762aca71073f9398d8bdcbc359cedcf57073f72b0d89f2b8218cb
SHA3-384 hash: f35b3611192ecde9cbc8ffa7cd394bf2b418f7fe87d86a82d0fadbb39ae7b0706c273eef78c33cbc5a9c91c47366af3d
SHA1 hash: b74aee820795ced170426ccc4b43b25729e0b55e
MD5 hash: 0efabea5926a7e4a37cdd23484411fa2
humanhash: equal-thirteen-hamper-zulu
File name: curl.sh
Signature: Mirai
File size: 879 bytes
First seen: 2025-06-11 20:29:27 UTC
Last seen: Never
File type: sh
MIME type: text/plain
ssdeep: 24:3J30oGnqoroCqomGNIxyQqo9XKoqocJqoV9qofkNqoJFqol9qo6rqobO:6hnqWoCqvRqkXtqNJqU9qCkNqaFq+9qe
TLSH: T1E71170E8905CFC923A7C8E14F8B36C486901CDE29AD48D14EBA5D4768A95F4DA47C335
Magika: shell
Reporter: abuse_ch
Tags: sh
URL | Malware sample (SHA256 hash) | Signature | Tags

Intelligence


File Origin
# of uploads: 1
# of downloads: 72
Origin country: DE
Vendor Threat Intelligence
Verdict: Likely Malicious
Threat level: 7.5/10
Confidence: 100%
Threat name: Document-HTML.Trojan.Heuristic
Status: Malicious
First seen: 2025-06-11 20:30:03 UTC
File Type: Text (Shell)
AV detection: 11 of 24 (45.83%)
Threat level: 2/5
Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour:
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method: Distributed via web download

Comments