MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0bebd64f8b78c590081a36863b5bae3dc1eb78586add384c99e93ef75b181943. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 0bebd64f8b78c590081a36863b5bae3dc1eb78586add384c99e93ef75b181943
SHA3-384 hash: 09af66c05ada7cdd973feffa4a6fad1312fd132194519ed0392f049e2cf07e6060090770f88f7419b4603089ccd83cf1
SHA1 hash: ef8ebf4a00665cfe5e6ebfdc9f8e6ebf89630a11
MD5 hash: 3686a8a87a54aa29650d5b909f894842
humanhash: three-fruit-sixteen-nuts
File name:sys.sh
Download: download sample
Signature Mirai
Create hunting rule
File size:197 bytes
First seen:2025-08-01 12:40:07 UTC
Last seen:Never
File type: sh
MIME type:text/x-shellscript
ssdeep 6:hoewVdUQNjNgVeYvVdUQNZONg8WIrXICvn:KmVLcg7sn
TLSH T1F4D0C946500A390080DCAE7A366AD49EF001C3C8341B1BD8E9C14639828C553F0EAA78
Magika shell
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://66.63.187.141/mips7124a65bf24f9edba23f44feeace7c17c40c84a3977c2220d6742e188928612e Mirai32-bit elf gafgyt mirai Mozi
http://66.63.187.141/mpsl2d1cf20f3c60d797308489012c7552b1db022dfbfcf8bb1c71fe360290f597f2 Miraielf mirai ua-wget

Intelligence

File Origin
# of uploads :
1
# of downloads :
33
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Linux.Downloader-35.UNOFFICIAL
Create hunting rule

Status:
terminated
Link:
https://sandbox.kunai.rocks/analysis/2426fc18-d030-4ae3-8310-795273c327aa
Behavior Graph:
Download SVG
%3
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/0bebd64f8b78c590081a36863b5bae3dc1eb78586add384c99e93ef75b181943
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/0bebd64f8b78c590081a36863b5bae3dc1eb78586add384c99e93ef75b181943/
Verdict:
Malicious
Threat:
HEUR:Trojan-Downloader.Shell.Agent
Link:
https://tip.neiki.dev/file/0bebd64f8b78c590081a36863b5bae3dc1eb78586add384c99e93ef75b181943
Threat name:
Script.Trojan.Heuristic
Create hunting rule
Status:
Malicious
First seen:
2025-08-01 12:29:51 UTC
File Type:
Text (Shell)
AV detection:
5 of 23 (21.74%)
Threat level:
  2/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=bpv5mt4lpdczaca2g2ddww5ohxa6w6cynlotqtez5e7powyydfbq._file
Result
Malware family:
n/a
Score:
  1/10
Tags:
linux
Link:
https://tria.ge/reports/250801-pwjs6saq5v/
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 0bebd64f8b78c590081a36863b5bae3dc1eb78586add384c99e93ef75b181943

(this sample)

Mirai

elf b7aea615f215e8ff1fd5757bc2e76c087ef6f2d5795890435d4ab660bc664a18

  
URLhaus
https://urlhaus.abuse.ch/url/3594264/
  
Delivery method
Distributed via web download
  
Dropping
MD5 cb4805ff5bdb86074fc42f4bb884bff4
  
Dropping
SHA256 b7aea615f215e8ff1fd5757bc2e76c087ef6f2d5795890435d4ab660bc664a18

Comments