MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 343058a45e1184ff143979f1b05df717b72f0fb904084ea05b5847cd1742b863. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 343058a45e1184ff143979f1b05df717b72f0fb904084ea05b5847cd1742b863
SHA3-384 hash: fecac4137755adbd700fedcaa6fd255abcd9e47d4ca85d2446427c1fb9a4c80dd71d312bffd5227f6b135ff0443ef2db
SHA1 hash: f750da14612c144b4fc94f15ee3f3b7b12af5027
MD5 hash: dd8a720bde6711b7f640b2f449b93018
humanhash: social-oscar-social-april
File name:wget2.sh
Download: download sample
File size:1'018 bytes
First seen:2025-06-05 09:58:30 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 24:OIEMe84IEMyJ4IEMONIIi4IEMkKSfz4IEMoY4IEMUl9xz4IEMo97M4IEMG54IEMa:OIYPI8mIu5ICxf8ISTIo9aIu9jIQ2IIp
TLSH T129113DCD4795E6391CE4CD0E30E90E0D993592EB70B19BEAED580863949B9643C3BF8D
Magika shell
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://31.171.131.21/main_armbd56b0e28161a81b7ecb48c9173e3923ae33b12fcfbdcb7444f3816c18c8c1ef Miraielf mirai
http://31.171.131.21/main_arm597744afb839e31ac5bccbd36751e49239bb28f8dc8543e016ad377ee0fd364a7 Miraielf mirai ua-wget
http://31.171.131.21/main_arm676beab1a2a1362ecb4f09a68480ec83be83b92bb4f325677a75d95f6ab7493ed Miraielf mirai ua-wget
http://31.171.131.21/main_arm78583dd8a912a6689b1b6a30662fb9756a4191d3a42dbf73761dcb9b9ef15f04f Miraielf mirai
http://31.171.131.21/main_m68k765d2fcd868547d56ca65d1a1607dbd716846ade55a21763c1ba27d6095d4c2f Miraielf mirai ua-wget
http://31.171.131.21/main_mips93c6360339aed0489885e7ffb51f591258b8f1b62b69a063c285197cd4d9b2a9 Miraielf mirai ua-wget
http://31.171.131.21/main_mpslc91a88f2fae16832f27cdd29511afa98b9bb4097f073a495911e577d2b147122 Miraielf mirai ua-wget
http://31.171.131.21/main_ppc71f26983cea8a321439fdb2413590211a2c0d34e961550f898981e7f3aec1570 Miraielf mirai ua-wget
http://31.171.131.21/main_sh4d844fb6df57d4339e1d970d417b21b422466e64e0ed1c6d586d9d11ad093f151 Miraielf mirai ua-wget
http://31.171.131.21/main_spc8b5ba26f0af7ae78f47f4167fce756a8905ac120193691062c230fdcf86da5bd Miraicensys elf mirai
http://31.171.131.21/main_x8662957dcecfdaa90da9e4d31191222a66efd760119b6b400f70fb34792692d038 Miraielf mirai ua-wget
http://31.171.131.21/main_x86_64a853b33870af369731f0a26bc1cf2fa2268e4e6e6a0ae21cbc112239f59a1c25 Miraielf mirai ua-wget

Intelligence

File Origin
# of uploads :
1
# of downloads :
67
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Malicious
Score:
99.1%
Link:
https://cyber-fortress.com/docs/result/index.php?id=68416b338bd5d68a12e57e5dlinux22vpnfull_triage
Tags:
mirai agent virus hype
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/68416a7f171e01f95936e350/reports/9a1d4cb2-43fb-4edb-b275-87d5be45812d/overview
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/343058a45e1184ff143979f1b05df717b72f0fb904084ea05b5847cd1742b863
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/343058a45e1184ff143979f1b05df717b72f0fb904084ea05b5847cd1742b863/
Threat name:
Linux.Trojan.Egairtigado
Create hunting rule
Status:
Malicious
First seen:
2025-06-05 09:25:09 UTC
File Type:
Text (Shell)
AV detection:
20 of 38 (52.63%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=gqyfrjc6cgcp6fbzphy3axpxc63s6d5zaqee5ic3lbd42f2cxbrq._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/250605-lz8pxsvyat/
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/343058a45e1184ff143979f1b05df717b72f0fb904084ea05b5847cd1742b863

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh 343058a45e1184ff143979f1b05df717b72f0fb904084ea05b5847cd1742b863

(this sample)

Mirai

elf bd56b0e28161a81b7ecb48c9173e3923ae33b12fcfbdcb7444f3816c18c8c1ef

  
URLhaus
https://urlhaus.abuse.ch/url/3558537/
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3558549/
  
Dropping
MD5 c6edcb298e7732b81b54bac412d0bc6c
  
Dropping
SHA256 bd56b0e28161a81b7ecb48c9173e3923ae33b12fcfbdcb7444f3816c18c8c1ef

Comments