MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2375dd3acbab0d7073f7e8d0f7228123675c78ea49a0347117fca54bc9d84fb3. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 6



SHA256 hash: 2375dd3acbab0d7073f7e8d0f7228123675c78ea49a0347117fca54bc9d84fb3
SHA3-384 hash: 703c9125c092a1d98c067f2fa3a83475cdb7dd2daae94c4933dc88cfa10c998f662829c520d7f6d41f22c81acdec7102
SHA1 hash: dd874b98d44bc65decac69f4fa61a4a7640fce36
MD5 hash: 400891e5f9bd58e5514d81b30bf600cc
humanhash: paris-snake-angel-uranus
File name: go.sh
Signature: Mirai
File size: 3'020 bytes
First seen: 2024-12-26 04:06:24 UTC
Last seen: Never
File type: sh
MIME type: text/x-shellscript
ssdeep 48:o8zLXFbgXRJXYMXY6HXqY2BYX0KEqfX2tUXPaQXGtXZs+XbTd8zLXFbDXRQXYlXB:o8zjFbSRZYWY63qs7Eq/2UPaCGlyond6
TLSH T18A51764FE7B274A9CF66CF17AF636AC98504B1E9948B5FD6B4E0C82C00A45D4F3E1909
Magika: shell
Reporter: abuse_ch
Tags: sh
URL | Malware sample (SHA256 hash) | Signature | Tags

Intelligence


File Origin
# of uploads: 1
# of downloads: 90
Origin country: DE

Vendor Threat Intelligence
Verdict: Malicious
Threat level: 10/10
Confidence: 100%
Tags: anti-debug evasive lolbin remote
Result
Verdict: MALICIOUS
Threat name: Script-Shell.Trojan.Geninst
Status: Malicious
First seen: 2024-12-26 04:07:08 UTC
File Type: Text (Shell)
AV detection: 17 of 38 (44.74%)
Threat level: 5/5
Result
Malware family: n/a
Score: 1/10
Tags: linux
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method: Distributed via web download

Comments