MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 f15c0ca896ecbe4719a2b1301dbb1cf8844110bec6652fd748df4a9ec4477ff0. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 7



SHA256 hash: f15c0ca896ecbe4719a2b1301dbb1cf8844110bec6652fd748df4a9ec4477ff0
SHA3-384 hash: 0c76bf324e49d2dc2ca95aab2ab2c0b89ffc6b3331c88ea07c4fee3c24fe072f1c04944ffd3071193dc72a23ac043f13
SHA1 hash: e150cbd868a3d02381884bb8622dc7e9135564ac
MD5 hash: cc89abca9451b8b484a79bfc1ec36bd2
humanhash: mike-leopard-december-freddie
File name: t
Signature: Mirai
File size: 863 bytes
First seen: 2025-02-17 17:54:11 UTC
Last seen: 2025-03-20 16:00:30 UTC
File type: sh
MIME type: text/plain
ssdeep: 12:bgYIBgFXBgq0BgB6ABgeOBHBgQGBgR+WBg1DtBge0BgZlws:QaKOtYH+mE2sl
TLSH: T1341186CC043A7A814C1C692A71E7D1D7BA588744B07B1B8CAFCE02B8A1CD9217170FE0
Magika: txt
Reporter: abuse_ch
Tags: mirai sh

Intelligence


File Origin
# of uploads: 3
# of downloads: 51
Origin country: DE

Vendor Threat Intelligence

Verdict: Malicious
Score: 93.3%
Tags: mirai agent virus hype

Result
Verdict: UNKNOWN
Threat name: Linux.Trojan.Generic
Status: Suspicious
First seen: 2025-02-17 18:33:09 UTC
File Type: Text (Shell)
AV detection: 12 of 24 (50.00%)
Threat level: 5/5

Result
Malware family: n/a
Score: 3/10
Tags: discovery
Behaviour:
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
- Enumerates physical storage devices
- System Location Discovery: System Language Discovery

Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method: Distributed via web download
Dropping: MD5 c34e4fdf967e53cabdf0c73286fa05d3
Dropping: SHA256 e2455d23a0fd822a80054dba410540495298da3cb78219f40fdc49d6e47ce787
