MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 cf1300d92066f64202bcefd9ab1736ed59c0089c9e30c4da501f5dc4e21af111. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 6



SHA256 hash: cf1300d92066f64202bcefd9ab1736ed59c0089c9e30c4da501f5dc4e21af111
SHA3-384 hash: fc0faeaf1f0f72ff3adb9744f9de1902c35a4ffd8c28407b664c1c1d626b033f0273889f641bddb25c974e9d5e25b2a2
SHA1 hash: f12761fc392d221eb87d92a714fee19fad8d8a91
MD5 hash: 90f53265497a62676e6e67f4ed4da2da
humanhash: winter-violet-rugby-solar
File name: curl.sh
Signature: Mirai
File size: 1'440 bytes
First seen: 2025-02-11 15:02:12 UTC
Last seen: Never
File type: sh
MIME type: text/plain
ssdeep: 24:s7nrdQXCv2Lt/JZEhzlBmyvn3tmwJ0yZhhs/:OkJqNmx
TLSH: T13721B446007098263E6D7A9B32F68919731B726F24DA4F0AA4DC31F99C9CFC865D6393
Magika: shell
Reporter: abuse_ch
Tags: sh

Intelligence


File Origin
# of uploads: 1
# of downloads: 84
Origin country: DE

Vendor Threat Intelligence

Verdict: Malicious
Threat level: 10/10
Confidence: 100%
Tags: evasive
Result
Verdict: UNKNOWN
Threat name: Document-HTML.Browser.Heuristic
Status: Malicious
First seen: 2025-02-11 15:03:16 UTC
File Type: Text (Shell)
AV detection: 6 of 38 (15.79%)
Threat level: 2/5
Result
Malware family: n/a
Score: 8/10
Tags: discovery
Behaviour
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates physical storage devices
System Location Discovery: System Language Discovery
System Network Configuration Discovery: Internet Connection Discovery
Downloads MZ/PE file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh cf1300d92066f64202bcefd9ab1736ed59c0089c9e30c4da501f5dc4e21af111

(this sample)

  
Delivery method
Distributed via web download

Comments