MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 f6c0e81a211d47beac6c201fa8024d4cf1423df035335c7706ffc7fa9115c5c6. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 6



SHA256 hash: f6c0e81a211d47beac6c201fa8024d4cf1423df035335c7706ffc7fa9115c5c6
SHA3-384 hash: bdec9a8470098fefcda95237c13087081c72dcdbf15b84c982cb28d03304af2155d7c5399f07588615df0230ab4af208
SHA1 hash: b454e2fea648f5f2e6d98a02b9b32199d9aa854f
MD5 hash: a55a791f7742287ff60383f66c10d362
humanhash: alabama-glucose-georgia-fifteen
File name: w.sh
Signature: Mirai
File size: 874 bytes
First seen: 2025-11-04 06:40:28 UTC
Last seen: 2025-11-04 19:45:35 UTC
File type: sh
MIME type: text/plain
ssdeep: 24:E7xnN+cNIpTwKloGho6sEVyovOqOnhplX3:8NE0Ufyfzhnp
TLSH: T1C3119A9E0B226805C30CCF19342A891457CB86CDE63AAE485819187FACE460BF41EF5B
Magika: shell
Reporter: abuse_ch
Tags: mirai sh

Intelligence


File Origin
# of uploads: 2
# of downloads: 50
Origin country: DE
Vendor Threat Intelligence
Verdict: Malicious
Threat level: 10/10
Confidence: 100%
Tags: mirai
Verdict: Malicious
File Type: ps1
First seen: 2025-10-31T08:13:00Z UTC
Last seen: 2025-11-04T19:39:00Z UTC
Hits: ~10
Threat name: Document-HTML.Trojan.Heuristic
Status: Malicious
First seen: 2025-10-31 06:28:53 UTC
File Type: Text (Shell)
AV detection: 15 of 36 (41.67%)
Threat level: 2/5
Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh f6c0e81a211d47beac6c201fa8024d4cf1423df035335c7706ffc7fa9115c5c6

(this sample)

Delivery method: Distributed via web download
