MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2d545c5442f15c79ab5e795145c4c84464ae6c20a25a92fff5997e2b74a7e89a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 2d545c5442f15c79ab5e795145c4c84464ae6c20a25a92fff5997e2b74a7e89a
SHA3-384 hash: 87772bc8d1b29179ae3cca25e803605677f32c0587f5e972aa4a7eb61005f1523a37dc4f14c9ab45a2e0c6521b959bc7
SHA1 hash: 4c0c7a5c25a53e4f40c639b2cc7e048d89c37a2b
MD5 hash: ce82da6e5b8d2261609786091c9d1987
humanhash: uniform-spaghetti-beer-neptune
File name:o.xml
Download: download sample
Signature Mirai
Create hunting rule
File size:663 bytes
First seen:2026-01-22 23:41:03 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 12:FzY8id/7JAC7akxGWi2jX0KTkFjwvXPFmnv:FzY8k1/sWi2jkZkXPM
TLSH T176014C8CA5BC898116ADC595B5F0D10454859087E2F4D7E1F28D4824AF40E8D395320D
Magika xml
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://82.23.183.82/bins/x861cdcec3f4fd3d942bbea8523307209f733d6c9d6914e006568a989ea48601d698 Miraielf geofenced mirai opendir ua-wget USA x86

Intelligence

File Origin
# of uploads :
1
# of downloads :
43
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Verdict:
Suspicious
Labled as:
TrojanDownloader/Linux.NetLoader
Link:
https://www.hybrid-analysis.com/sample/2d545c5442f15c79ab5e795145c4c84464ae6c20a25a92fff5997e2b74a7e89a
Result
Gathering data
Status:
terminated
Link:
https://sandbox.kunai.rocks/analysis/fa0a0eb8-d79d-4286-8a4e-3b72b2c07cb9
Behavior Graph:
Download SVG
%3 guuid=0764c60e-1900-0000-a594-5f51220b0000 pid=2850 /usr/bin/sudo guuid=727d3f11-1900-0000-a594-5f51290b0000 pid=2857 /tmp/sample.bin guuid=0764c60e-1900-0000-a594-5f51220b0000 pid=2850->guuid=727d3f11-1900-0000-a594-5f51290b0000 pid=2857 execve guuid=b3987c11-1900-0000-a594-5f512b0b0000 pid=2859 /usr/bin/dash guuid=727d3f11-1900-0000-a594-5f51290b0000 pid=2857->guuid=b3987c11-1900-0000-a594-5f512b0b0000 pid=2859 clone
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/2d545c5442f15c79ab5e795145c4c84464ae6c20a25a92fff5997e2b74a7e89a
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/2d545c5442f15c79ab5e795145c4c84464ae6c20a25a92fff5997e2b74a7e89a/
Verdict:
Clean
Link:
https://tip.neiki.dev/file/2d545c5442f15c79ab5e795145c4c84464ae6c20a25a92fff5997e2b74a7e89a
Threat name:
Script.Trojan.Heuristic
Create hunting rule
Status:
Malicious
First seen:
2026-01-22 23:53:00 UTC
File Type:
Text
AV detection:
4 of 36 (11.11%)
Threat level:
  2/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=fvkfyvcc6fohtk26pfiulrgiirsk43baujnjf77vtf7cw5fh5cna._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/2d545c5442f15c79ab5e795145c4c84464ae6c20a25a92fff5997e2b74a7e89a

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 2d545c5442f15c79ab5e795145c4c84464ae6c20a25a92fff5997e2b74a7e89a

(this sample)

Mirai

elf cdcec3f4fd3d942bbea8523307209f733d6c9d6914e006568a989ea48601d698

  
URLhaus
https://urlhaus.abuse.ch/url/3762313/
  
Delivery method
Distributed via web download
  
Dropping
MD5 32bde5e39126ed2d58a95f70a525282d
  
Dropping
SHA256 cdcec3f4fd3d942bbea8523307209f733d6c9d6914e006568a989ea48601d698

Comments