MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 05bb60d449ad9d849e3303ac5c01e6766cb9fcfdb2b07e4bb1bd1f3b41bb3950. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 6


Intelligence 6 IOCs YARA 1 File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 05bb60d449ad9d849e3303ac5c01e6766cb9fcfdb2b07e4bb1bd1f3b41bb3950
SHA3-384 hash: de47ecd7cc4d57f85e404f1fae9b1256f1813afc94083aff75b80f1956734d9ae89e412f88662251d5c13f7ad48603da
SHA1 hash: 1e2f79e32fc00797e53b4f03fae98265e1ad73ff
MD5 hash: a9d5f1eb5f9ee995f3e4575617a4c300
humanhash: winter-south-twenty-robin
File name:k
Download: download sample
Signature Mirai
Create hunting rule
File size:700 bytes
First seen:2025-04-07 03:12:21 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 12:3rWKIw+u5ZMoOF7+MB05whPO+hPNDNkQNYhIyT+hIygDNkQN8Tvn:yRk5zOt+MB0OhDhDkAYhYh0kA8jn
TLSH T15E01FCCE0158CE7624854DEE7193591968CEC4CA1BCD8FC520DE08B9E4CDF0C7467E66
Magika shell
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://185.142.53.184/vv/armv4l85d832b76ffa7623c5d14c0010db35fc9ea43aabd189731671c04ac5f3fb5cf2 Miraielf mirai ua-wget
http://185.142.53.184/vv/armv7l45fe3faa7904cacf5f7a3d63385aebad6890f8913b8dabe91f29956be44c3e99 Miraielf mirai ua-wget

Intelligence

File Origin
# of uploads :
1
# of downloads :
86
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Linux.DownLoader.2324.8570.25197.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
90.2%
Link:
https://cyber-fortress.com/docs/result/index.php?id=67f343a8a695a0cd1fab8a84linux22vpnfull_triage
Tags:
agent hype sage
Verdict:
Likely Malicious
Threat level:
  7.5/10
Confidence:
100%
Tags:
busybox evasive obfuscated
Link:
https://www.filescan.io/uploads/67f342c32d430c849e0982fb/reports/5d85149c-a656-4d28-84dd-2ac4a54bb4a7/overview
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/05bb60d449ad9d849e3303ac5c01e6766cb9fcfdb2b07e4bb1bd1f3b41bb3950
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/05bb60d449ad9d849e3303ac5c01e6766cb9fcfdb2b07e4bb1bd1f3b41bb3950/
Threat name:
Linux.Downloader.Generic
Create hunting rule
Status:
Suspicious
First seen:
2025-04-07 03:16:09 UTC
File Type:
Text (Shell)
AV detection:
6 of 24 (25.00%)
Threat level:
  3/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=aw5wbvcjvwoyjhrtaowfyapgozwlt7h5wkyh4s5rxuptwqn3hfia._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/250407-dshk6azj15/
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/05bb60d449ad9d849e3303ac5c01e6766cb9fcfdb2b07e4bb1bd1f3b41bb3950

YARA Signatures

MalwareBazaar uses YARA rules from several public and non-public repositories, such as YARAhub and Malpedia. Those are being matched against malware samples uploaded to MalwareBazaar as well as against any suspicious process dumps they may create. Please note that only results from TLP:CLEAR rules are being displayed.

Rule name:ach_202412_suspect_bash_script
Create hunting rule
Author:abuse.ch
Description:Detects suspicious Linux bash scripts

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 05bb60d449ad9d849e3303ac5c01e6766cb9fcfdb2b07e4bb1bd1f3b41bb3950

(this sample)

Mirai

elf 85d832b76ffa7623c5d14c0010db35fc9ea43aabd189731671c04ac5f3fb5cf2

  
URLhaus
https://urlhaus.abuse.ch/url/3474855/
  
Delivery method
Distributed via web download
  
Dropping
MD5 ecf5c42e83916d21ea1babde89ba9ed4
  
Dropping
SHA256 85d832b76ffa7623c5d14c0010db35fc9ea43aabd189731671c04ac5f3fb5cf2

Comments