MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2f318908ce71e477b0f8d03a5734ddc4098567a96a02fa75ae1bf87d415756a4. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments

SHA256 hash: 2f318908ce71e477b0f8d03a5734ddc4098567a96a02fa75ae1bf87d415756a4
SHA3-384 hash: 4bb8f240cd8f9e2e5e4be77cd91ae08bf7ee5965ff327c9e1f7f749749368478bbb133c4135e5aa39ca85d10009aff55
SHA1 hash: ae5f6768a76b2bbc33ff5292ef9ed8b6409bcd21
MD5 hash: 49b29c36e29ba46230b2aac3d551272e
humanhash: princess-table-orange-steak
File name:c.sh
Download: download sample
Signature Mirai
File size:802 bytes
First seen:2025-02-24 18:36:44 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 12:3J3DBJVVJNNIl5Eg0LKmpogOQJEeMVS2ON5358aG6JftnwQ5rJjbR:3J3Z5NI7gKgXZJ1i6twArhR
TLSH T1900144EE2BE1128B5E08CE0CF86F8B485642ECC7E5780A16E015B83C51FD308B071776
Magika txt
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://209.141.40.81/bins/arm33a2ea0efb7de27da9096b23328fdb832cc22a9a02e36d35c3dfebd1e1b98182 Miraielf mirai opendir
http://209.141.40.81/bins/arm5065e0aed94d29627fe5201a1f18ef334484463d7f2f612ac7fcc14090ca8a6a1 Miraielf mirai opendir
http://209.141.40.81/bins/arm6f370a8f6eca136db1bdad535722d407856cba62629dc91ba9b8899d27c28f424 Miraielf mirai opendir
http://209.141.40.81/bins/arm75e4b02509600ea4461bac895713bb9bdb57863d37ad8ec9f034efeadbf528ea9 Miraielf mirai opendir
http://209.141.40.81/bins/m68k0fd852a9a3d77e4b990a8a7cf2633b1a80b75411566b1f77308854bfe0b6d9b3 Miraielf mirai opendir
http://209.141.40.81/bins/mipsbbe3caa99dcd6d17f332752288ca3e9319cf58e8fa89b29af5f965435545f240 Miraielf mirai opendir
http://209.141.40.81/bins/mpsl3e16690b1d55793a7a763029f9eae90b4a5ba81f8a3ea63f1b8148769bea3669 Miraielf mirai opendir
http://209.141.40.81/bins/star.ppc67611e40586aa50ef2d45576803ad6f73ac0439776668a78f1071a0fac84f976 Miraielf mirai opendir
http://209.141.40.81/bins/sh4cf4abb7399914579e78de3086d550b2fbbcb7d06575e6ab260ec66558d9ade74 Miraielf mirai opendir
http://209.141.40.81/bins/spc9f9c8d7cf5cc76f5496da68b53c3166d5471236f02ed03721e77a0a1e8c10c34 Miraielf mirai opendir
http://209.141.40.81/bins/x86721fb5f5845f8a728f4f9ee050ea4c6cc3723f558bbe839b9253753015d8a867 Miraielf mirai opendir
http://209.141.40.81/bins/x86_644e4d54d0303d1f8eddd79df29e645c16faab4f7b2a4c720bd63c869075177f33 Miraielf mirai opendir

Intelligence


File Origin
# of uploads :
1
# of downloads :
39
Origin country :
Vendor Threat Intelligence
Verdict:
Malicious
Score:
92.5%
Tags:
downloader mirai agent hype
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Tags:
lolbin mirai remote
Threat name:
Linux.Trojan.Vigorf
Status:
Malicious
First seen:
2025-02-24 18:43:49 UTC
File Type:
Text (Makefile)
AV detection:
13 of 24 (54.17%)
Threat level:
  5/5
Result
Malware family:
n/a
Score:
  3/10
Tags:
discovery
Behaviour
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 2f318908ce71e477b0f8d03a5734ddc4098567a96a02fa75ae1bf87d415756a4

(this sample)

  
Delivery method
Distributed via web download

Comments