IOCRadar

b147d546773bcca8f0c458d37c60d461db8ead73

Suspicious Hash
38%
SIGNAL STRENGTH: Moderate Noise
FIRST SEEN: 2025-03-29 20:02:23
LAST SEEN: 2025-04-22 09:35:06
CATEGORY
malware
iot/ics attack
protocol specific attack (udp)
ssh attack
telnet threat
port scanning and brute force attempts associated with mirai botnet activity
port scanner
protocol specific attack (tcp)
MITRE
T1053.005 - Scheduled Task
T1595.001 - Active Scanning
T1595.002 - Port Scanning
T1595.003 - Network Scanning
T1078.001 - Default Accounts
T1203 - Exploit Software
T1497.001 - System Checks
T1110.002 - Brute Force
T1059.004 - Unix Shell
T1040 - Network Sniffing
TAGS
ddos attacks
command and control
distributed attacks
network security
networking
communication protocol
network attacks
tcp protocol
network protocol
protocol exploitation
SOCRadar
AI Insight

The SHA1 hash b147d546773bcca8f0c458d37c60d461db8ead73 is a significant Indicator of Compromise (IOC) because it is associated with the infamous Mirai botnet. Mirai is known for compromising IoT devices and leveraging them to conduct large-scale Distributed Denial-of-Service (DDoS) attacks. The presence of this hash within an environment suggests that systems may be infected with Mirai or a Mirai variant, posing a serious threat of participation in DDoS attacks, network disruption, and potential data exfiltration. This IOC's relevance stems from its direct link to a well-documented and actively exploited vulnerability targeting a wide range of embedded devices, and it has been seen actively exploited recently. Because of the large-scale disruption this IOC represents, it should be treated as Critical and investigated immediately.

Summary

Hash Type: sha1
MD5: -
SHA-1: -
SHA-256: -
Files: ohshit.sh
File Type: sh

Top Classifications

Campaign: -
Industry: -
Country: -
Region: -
Threat Actors: -
Malware: -

Feed Sources

Feed Source | Count | Date
Abuse.ch-Hash | 2 | 2025-03-30
Threatview.io Feeds | 2 | 2025-04-03
SOCRadar Threat Exchange Services | 2 | 2025-04-22
MalwareBazaar Feeds | 1 | 2025-03-30

Threat Activity Timeline

Last 24 hours: Moderate
Last 7 Days: Minimal Activity
Last Month: Minimal Activity
Last 3 Months: Minimal Activity