MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 edac6c174858a6c640ca16099e7a7f0514a041777526fe7e9c67d877cbc7f73c. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: edac6c174858a6c640ca16099e7a7f0514a041777526fe7e9c67d877cbc7f73c
SHA3-384 hash: 85ba9fed6c7bed203f0cc920eba74ef4d7ab64e4d6995fdae1b717e5dcad250bbc3d9a6f5e1853b787b31c4e218a04cf
SHA1 hash: a9c3442465e4656c569416d015ebb3e3f42e86e1
MD5 hash: 27ce3b5d511752f16100ac6ece3d7256
humanhash: florida-asparagus-fruit-moon
File name:edac6c174858a6c640ca16099e7a7f0514a041777526fe7e9c67d877cbc7f73c.sh
Download: download sample
File size:19'223 bytes
First seen:2026-02-22 13:19:27 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 96:cCuRk0B6csht+O+v1fsn+h4+tIiKqCTyOysuKNpUj4waYvjzzNGyUfosIbIbQuTh:cCueg6p4hvZ5m5FoKNpiv3tz0EfM
TLSH T16D825B7621F04A336BA055C4B3771BA15FB29617456320A8B4FE1F365F5AB03B0EBA21
Magika xml
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://38.6.178.140/easy_pass.shn/an/an/a
http://204.76.203.3/wget.shn/an/an/a
http://85.209.43.252/teccn/an/an/a
http://85.209.43.252/teeen/an/an/a
http://38.6.178.140/easy_cloud.shn/an/an/a
http://107.189.1.200/2.sh3b1294e989efd51c9e373b06f5548ebd176910eb311bba61333f3f76ccd46751 Miraimirai sh ua-wget
http://196.189.96.138:81/hiddenbin/dvr1.shn/an/an/a

Intelligence

File Origin
# of uploads :
1
# of downloads :
15
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Tags:
evasive mirai
Link:
https://www.filescan.io/uploads/699b044810e80629d4ed30bd/reports/1f677550-ee55-4e25-bf82-ba0b2cebd7ae/overview
Verdict:
Unknown
File Type:
text
Link:
https://opentip.kaspersky.com/edac6c174858a6c640ca16099e7a7f0514a041777526fe7e9c67d877cbc7f73c/results?tab=lookup
Status:
terminated
Link:
https://sandbox.kunai.rocks/analysis/62f5d353-0fad-48f4-b795-510501a9478c
Behavior Graph:
Download SVG
%3 guuid=6c58e338-1b00-0000-8304-fb076f0c0000 pid=3183 /usr/bin/sudo guuid=a7925f3c-1b00-0000-8304-fb07700c0000 pid=3184 /tmp/sample.bin guuid=6c58e338-1b00-0000-8304-fb076f0c0000 pid=3183->guuid=a7925f3c-1b00-0000-8304-fb07700c0000 pid=3184 execve
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/edac6c174858a6c640ca16099e7a7f0514a041777526fe7e9c67d877cbc7f73c
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/edac6c174858a6c640ca16099e7a7f0514a041777526fe7e9c67d877cbc7f73c/
Threat name:
Text.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2026-02-22 13:22:34 UTC
File Type:
Text (HTML)
AV detection:
2 of 24 (8.33%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=5wwgyf2ilctmmqgkcyez46t7aukkaqlxoutp47u4m7mhps6h646a._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/260222-qlx4gsdt9e/
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/edac6c174858a6c640ca16099e7a7f0514a041777526fe7e9c67d877cbc7f73c

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh edac6c174858a6c640ca16099e7a7f0514a041777526fe7e9c67d877cbc7f73c

(this sample)

Mirai

elf 117e74e6d5c74146bdc66ae7b2cc5e148104b3128c2b48de07066e327d0f0fbb

Mirai

sh 3b1294e989efd51c9e373b06f5548ebd176910eb311bba61333f3f76ccd46751

  
URLhaus
https://urlhaus.abuse.ch/url/3783283/
  
Delivery method
Distributed via web download
  
Dropping
MD5 cf5e28ad68d28873951cf28432e79ae9
  
Dropping
SHA256 3b1294e989efd51c9e373b06f5548ebd176910eb311bba61333f3f76ccd46751

Comments