MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3b1294e989efd51c9e373b06f5548ebd176910eb311bba61333f3f76ccd46751. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 3b1294e989efd51c9e373b06f5548ebd176910eb311bba61333f3f76ccd46751
SHA3-384 hash: 99ed571f8f0fe8915372a44d518cc1cd984bdaf818f1445d79fdaeeffc6f974cec7d9b2b7a0d5479519df0057c21f749
SHA1 hash: e0e4afd2208ec66e0bebadc24f6ea94b720395a3
MD5 hash: cf5e28ad68d28873951cf28432e79ae9
humanhash: xray-apart-lactose-johnny
File name:2.sh
Download: download sample
Signature Mirai
Create hunting rule
File size:692 bytes
First seen:2025-02-07 22:06:16 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 6:lOnFfl7NJiLc/iLeZ7QqDwOnFfl8SJiLJ+GC7/iL8gA2UlOnFfltNuiLbx/iLXdW:OfF++GC7HgFp6lVx2xbr
TLSH T1B00184C721679B793AA845E3F3B407C5F490E68424E25D0856E93CE2408CDCAF5B4672
Magika shell
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://107.189.1.200/5117e74e6d5c74146bdc66ae7b2cc5e148104b3128c2b48de07066e327d0f0fbb Miraielf mirai ua-wget
http://107.189.1.200/1512cfb0717d47346a1d0e6421ac04afbfeaf3982a54562059340de1c7b138c82 Miraielf mirai ua-wget
http://107.189.1.200/2c072691e9f3b634cc110f1fddac7a43e4690a7fc11657e582da34f7fc29a6b0d Miraielf mirai ua-wget
http://107.189.1.200/7a0d0d513469f9f213fb7a6746b1f94f1173ef7d69c834d924bbadfe9d2a789cc Miraielf mirai ua-wget

Intelligence

File Origin
# of uploads :
1
# of downloads :
137
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Linux.Downloader-29.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
90.2%
Link:
https://cyber-fortress.com/docs/result/index.php?id=67a6858aab8a2d1c6bcd995dlinux22vpnfull_triage
Tags:
agent hype sage
Result
Verdict:
MALICIOUS
Score:
97%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/3b1294e989efd51c9e373b06f5548ebd176910eb311bba61333f3f76ccd46751
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/3b1294e989efd51c9e373b06f5548ebd176910eb311bba61333f3f76ccd46751/
Threat name:
Linux.Trojan.Multiverze
Create hunting rule
Status:
Malicious
First seen:
2025-02-07 22:07:14 UTC
File Type:
Text (Shell)
AV detection:
15 of 38 (39.47%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=hmjjj2mj57krzhrxhmdpkveoxulwsehlgen3uyjth47xntgum5iq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/3b1294e989efd51c9e373b06f5548ebd176910eb311bba61333f3f76ccd46751

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 3b1294e989efd51c9e373b06f5548ebd176910eb311bba61333f3f76ccd46751

(this sample)

Mirai

elf 117e74e6d5c74146bdc66ae7b2cc5e148104b3128c2b48de07066e327d0f0fbb

  
URLhaus
https://urlhaus.abuse.ch/url/3431302/
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3431579/
  
Dropping
MD5 2d876fa1d776afffa56a04a2e2d6e112
  
Dropping
SHA256 117e74e6d5c74146bdc66ae7b2cc5e148104b3128c2b48de07066e327d0f0fbb

Comments