MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 f1ce22cfa9b671fe9a5754b6a81ae1c3155494d57b175c81ebed66beec65e9a2. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: f1ce22cfa9b671fe9a5754b6a81ae1c3155494d57b175c81ebed66beec65e9a2
SHA3-384 hash: 4aad21c43b1cc17a9b33c2fe5c311cb0f80e7d29b1772ea9902bf42e612e43e1e0593f8b34afacddbc72d63eebe12d2e
SHA1 hash: 2da5c55bb219456fbde19d7d5c8a4fba341caf64
MD5 hash: 95c73d18b1b2380ee31684f324ebd505
humanhash: fanta-salami-pluto-burger
File name:fc
Download: download sample
Signature Mirai
Create hunting rule
File size:694 bytes
First seen:2025-02-09 13:46:03 UTC
Last seen:2025-02-10 10:42:11 UTC
File type: sh
MIME type:text/plain
ssdeep 12:TGjGy0LK+nZmM6PRnfM/pKHc/3ZmMSnRnfM/pKHc/3ZmMSt7YKHc/3ZmMSUUKHcc:2GZKOT6soe3TSsoe3TWve3T/e3k
TLSH T1540184636B0C75F4BBED9916B2678BE16CDDD08F3C830611D83482967C94A640E78E70
Magika txt
Reporter abuse_ch
Tags:mirai sh
URLMalware sample (SHA256 hash)SignatureTags
http://156.229.233.155/arm7d2ea0eed1f82458ed76a956ca3fd1f72d1c1e29b40a6118d1e5f1e6d78418077 Miraielf mirai opendir

Intelligence

File Origin
# of uploads :
2
# of downloads :
77
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Clean
Score:
84.2%
Link:
https://cyber-fortress.com/docs/result/index.php?id=67a8dcfcd010e522d1b8390flinux22vpnfull_triage
Tags:
n/a
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/f1ce22cfa9b671fe9a5754b6a81ae1c3155494d57b175c81ebed66beec65e9a2
Result
Verdict:
UNKNOWN
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/f1ce22cfa9b671fe9a5754b6a81ae1c3155494d57b175c81ebed66beec65e9a2
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/f1ce22cfa9b671fe9a5754b6a81ae1c3155494d57b175c81ebed66beec65e9a2/
Threat name:
Linux.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2025-02-09 14:57:12 UTC
File Type:
Text
AV detection:
5 of 24 (20.83%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=6hhcft5jwzy75gsxks3kqgxbymkvjfgvpmlvzapl5vtl53df5gra._file
Result
Malware family:
n/a
Score:
  8/10
Tags:
discovery
Link:
https://tria.ge/reports/250209-vak21axldy/
Behaviour
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates physical storage devices
System Location Discovery: System Language Discovery
System Network Configuration Discovery: Internet Connection Discovery
Downloads MZ/PE file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/f1ce22cfa9b671fe9a5754b6a81ae1c3155494d57b175c81ebed66beec65e9a2

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh f1ce22cfa9b671fe9a5754b6a81ae1c3155494d57b175c81ebed66beec65e9a2

(this sample)

Mirai

elf d2ea0eed1f82458ed76a956ca3fd1f72d1c1e29b40a6118d1e5f1e6d78418077

  
URLhaus
https://urlhaus.abuse.ch/url/3433465/
  
Delivery method
Distributed via web download
  
Dropping
MD5 7b439f437784a01424eaabdc749bebaf
  
Dropping
SHA256 d2ea0eed1f82458ed76a956ca3fd1f72d1c1e29b40a6118d1e5f1e6d78418077

Comments