MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 06240d6f9990a658a2ff844a1f591256c6088ac086dc036e700f73f55504c292. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 4



SHA256 hash: 06240d6f9990a658a2ff844a1f591256c6088ac086dc036e700f73f55504c292
SHA3-384 hash: c89b116b675cdebbc348a86041fda3e1e19e591bd961876b97cae79ad412c9b56395e1be4b46ccfe4f1525676ca39c65
SHA1 hash: 57f7c1f72bb2a69ad5ee26daa3d3a861470ac105
MD5 hash: 81e0f637ed86a4e4e50833c9bb09f426
humanhash: quiet-monkey-princess-wisconsin
File name: wget.sh
Signature: Mirai
File size: 980 bytes
First seen: 2025-01-08 23:21:39 UTC
Last seen: Never
File type: sh
MIME type: text/x-shellscript
ssdeep: 12:sXOsYxPC7JlqZ1ZUJZI4WAdMhWo07h5BD/hHrZhHdShbrThSw0w:sXCZG+1ZuZI4Wu8Wj75Hr3HQ1f
TLSH: T17C115BCE41F2AE305094542972936A6DB845C6CA07080E487EAD4A36ABCCAB9B464F80
Magika: shell
Reporter: abuse_ch
Tags: sh
URL | Malware sample (SHA256 hash) | Signature | Tags
http://103.136.41.100/t1 | 8fe802ec37b5f944520e2f6e5853c2723bc2f787dc7ffae6e85e1746e499df47 | Mirai | elf mirai ua-wget
http://103.136.41.100/t2 | 053c4a9eeca2f2436daf4273a9d8e2f680834e05a9d2eeabcebcfffa17679544 | Mirai | elf mirai ua-wget
http://103.136.41.100/t3 | e3b0263b1545b58725dfde84e5d125ae87b0a14a16c364301af4d91cc068fa12 | Mirai | elf mirai ua-wget
http://103.136.41.100/t4 | fde57c36daa01f9114312d7e4498d4e0cfe3ca125a8221e44117bc43de96ee4b | Mirai | elf mirai ua-wget
http://103.136.41.100/t5 | fde57c36daa01f9114312d7e4498d4e0cfe3ca125a8221e44117bc43de96ee4b | Mirai | elf mirai ua-wget
http://103.136.41.100/t6 | 0787b187057248b0badadc13b1b65e942fc3ced46673ba3e20f11270acce2267 | Mirai | elf mirai ua-wget

Intelligence


File Origin
# of uploads: 1
# of downloads: 121
Origin country: DE
Vendor Threat Intelligence
Verdict: Malicious
Threat level: 10/10
Confidence: 100%
Tags: busybox
Threat name: Win32.Trojan.Generic
Status: Suspicious
First seen: 2025-01-09 00:04:11 UTC
AV detection: 7 of 24 (29.17%)
Threat level: 5/5
Result
Malware family: n/a
Score: 7/10
Tags: defense_evasion discovery linux
Behaviour
Reads runtime system information
System Network Configuration Discovery
Writes file to tmp directory
File and Directory Permissions Modification
Executes dropped EXE
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 06240d6f9990a658a2ff844a1f591256c6088ac086dc036e700f73f55504c292

(this sample)

  
Delivery method: Distributed via web download
