MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 09bbbfa3fcced09bb00acefdc3f3e804222d1656647910c3b6e53d3aef4bb954. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 09bbbfa3fcced09bb00acefdc3f3e804222d1656647910c3b6e53d3aef4bb954
SHA3-384 hash: b29c5e252738824fb4a96aeb5e9d8994d73b1c23b8c274c012f60837720f24ff47d3334180d40d47cb56b8e178d0087d
SHA1 hash: 89d430fb59bbc3b117485c90d3fe568a7939ad16
MD5 hash: 84c9785284e68d7428262553e0e26e84
humanhash: sweet-golf-maine-butter
File name:st
Download: download sample
Signature Mirai
Create hunting rule
File size:92 bytes
First seen:2025-12-21 15:13:57 UTC
Last seen:Never
File type: sh
MIME type:text/x-shellscript
ssdeep 3:TKH4FBCAjdVZVMISoeNOaDSoFSsJOPIqw:h+8dVcninsJOPK
TLSH T11BB0127F4016CF56908C0458B170103270F6534016610118CFDF405E80C07133718E31
TrID 70.0% (.SH) Linux/UNIX shell script (7000/1)
30.0% (.) Unix-like shebang (var.3) (gen) (3000/1)
Magika shell
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://130.12.180.64/splarm77cc0c7d015dfef9d1917318d0ec9b7cb9d1bb80d8b2b0bff615814bc2a0726eb Miraielf mirai ua-wget

Intelligence

File Origin
# of uploads :
1
# of downloads :
38
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Detection(s):
SecuriteInfo.com.BV.Downloader-AEH.77889499.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/6948133ae126b9ff438ad46a/reports/d2896b19-0436-4a04-b8b3-b28c1e2e2161/overview
Verdict:
Suspicious
Labled as:
TrojanDownloader/Linux.Agent
Link:
https://www.hybrid-analysis.com/sample/09bbbfa3fcced09bb00acefdc3f3e804222d1656647910c3b6e53d3aef4bb954
Verdict:
Unknown
File Type:
unix shell
First seen:
2025-12-21T12:32:00Z UTC
Last seen:
2025-12-22T15:05:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/09bbbfa3fcced09bb00acefdc3f3e804222d1656647910c3b6e53d3aef4bb954/results?tab=lookup
Status:
terminated
Link:
https://sandbox.kunai.rocks/analysis/8e524a15-65af-4b3e-a86c-2e754358cb86
Behavior Graph:
Download SVG
%3 guuid=c314bdea-1900-0000-edb2-1071800d0000 pid=3456 /usr/bin/sudo guuid=07d175ec-1900-0000-edb2-1071860d0000 pid=3462 /tmp/sample.bin guuid=c314bdea-1900-0000-edb2-1071800d0000 pid=3456->guuid=07d175ec-1900-0000-edb2-1071860d0000 pid=3462 execve
Score:
90%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/09bbbfa3fcced09bb00acefdc3f3e804222d1656647910c3b6e53d3aef4bb954
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/09bbbfa3fcced09bb00acefdc3f3e804222d1656647910c3b6e53d3aef4bb954/
Threat name:
Text.Browser.Generic
Create hunting rule
Status:
Suspicious
First seen:
2025-12-21 15:33:17 UTC
File Type:
Text (Shell)
AV detection:
2 of 24 (8.33%)
Threat level:
  4/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=bg537i74z3ijxmakz364h47iaqrc2fswmr4rbq5w4u6tv32lxfka._file
Result
Malware family:
n/a
Score:
  1/10
Tags:
linux
Link:
https://tria.ge/reports/251221-syt9gatnax/
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 09bbbfa3fcced09bb00acefdc3f3e804222d1656647910c3b6e53d3aef4bb954

(this sample)

Mirai

elf ebd1877912ec628403d89fec591218730dfb454d5616e877ed2a70d12edbeedd

  
URLhaus
https://urlhaus.abuse.ch/url/3739323/
  
Delivery method
Distributed via web download
  
Dropping
MD5 02e860eb4ae82ae5773c2c038a4c2405
  
Dropping
SHA256 ebd1877912ec628403d89fec591218730dfb454d5616e877ed2a70d12edbeedd

Comments