MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3b43c6d7e130c86f326dd7ec21f9b7d1028312465fa887377e45dbb16b77d510. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 3b43c6d7e130c86f326dd7ec21f9b7d1028312465fa887377e45dbb16b77d510
SHA3-384 hash: 44cd562b7b15e4a63d4bfe586608e1be5673617fb8bac85e749816e039ec63831e84a9f29b3cbb41f760504fbe2e7102
SHA1 hash: e39e751fd5a782b15295258071529710713b4d72
MD5 hash: 185c7ca44b68c4c864de23c5a61ab55f
humanhash: carbon-ten-montana-mexico
File name:test.sh
Download: download sample
Signature Mirai
Create hunting rule
File size:739 bytes
First seen:2025-01-21 07:22:02 UTC
Last seen:Never
File type: sh
MIME type:text/x-shellscript
ssdeep 12:KGAkg9ZADzJ9YyA7d9/4AM8D9pAd81Ar6iAswsRNItAwDw+e9BhAOUwnO96Aswl:KXr9+Dt9YTh9/Nn9uDr2/sRNIyx+e9Qj
TLSH T189014C8A1D6035068844ED84756149808C02FEEEE5978B0DF8C48E7A92C8AA47027F8B
Magika shell
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://79.124.60.186/bins/res.x862d8fea0d43cdd0c083cf4d94267390fb91e82fc95af76865051f6d1d1214424e Mirai32-bit elf mirai x86-32
http://79.124.60.186/bins/res.sh483f662eb487b31559891eeaea6dd0c1ffa41cb0aa95aef6c202cc64c7e4ee7d8 Miraielf mirai opendir
http://79.124.60.186/bins/res.ppc3fea98738e49ec2c4ef82d2db62643550f83cd7728146db4365a74f8f64e91c7 Miraielf mirai opendir
http://79.124.60.186/bins/res.mpslee2fa2c8dd0670fca4e137cbb60675dcdc6148f799644667377273bb1e7d1ab4 Miraielf mirai opendir
http://79.124.60.186/bins/res.mips35a176fd312afaacdf56f8f53a2a4e4ecc83d737278744d0d0a9c057ddd602bc Miraielf mirai opendir
http://79.124.60.186/bins/res.arm7c74dde32c0a93bb5ec5cc8457d88e9d3d4d4eeb83343c573e7d6b3669d695621 Miraielf mirai opendir
http://79.124.60.186/bins/res.arm6eff81e483d964da558eb9214e743b85ea4b4cd8f0c24f4c0c1638f8f6bb557bc Miraielf mirai opendir
http://79.124.60.186/bins/res.arm5b893ec14f82f0111a82adb81c4ff326af075a594f9ed4443eb0de2346ef03aaf Miraielf mirai opendir
http://79.124.60.186/bins/res.arm368d9c9d203dc9e6047e7f00c6c92cfdbb845348bc7516dfd0569ed3cda16f1c Miraielf mirai opendir

Intelligence

File Origin
# of uploads :
1
# of downloads :
67
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=678f4e61b5602ee8cdae3f56linux22vpnfull_triage
Tags:
n/a
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/678f4b26546efb719fab5b78/reports/78bbb4b8-f128-4de0-9f72-ea6d1ee6fbad/overview
Result
Verdict:
UNKNOWN
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/3b43c6d7e130c86f326dd7ec21f9b7d1028312465fa887377e45dbb16b77d510
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/3b43c6d7e130c86f326dd7ec21f9b7d1028312465fa887377e45dbb16b77d510/
Threat name:
Linux.Downloader.SAgnt
Create hunting rule
Status:
Malicious
First seen:
2025-01-21 07:23:04 UTC
File Type:
Text (Shell)
AV detection:
10 of 24 (41.67%)
Threat level:
  3/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=hnb4nv7bgdeg6mtn27wcd6nx2ebigesgl6uion36ixn3c23x2uia._file
Result
Malware family:
n/a
Score:
  1/10
Tags:
linux
Link:
https://tria.ge/reports/250121-h69zsasnht/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/3b43c6d7e130c86f326dd7ec21f9b7d1028312465fa887377e45dbb16b77d510

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 3b43c6d7e130c86f326dd7ec21f9b7d1028312465fa887377e45dbb16b77d510

(this sample)

Mirai

elf 2d8fea0d43cdd0c083cf4d94267390fb91e82fc95af76865051f6d1d1214424e

  
URLhaus
https://urlhaus.abuse.ch/url/3408544/
  
Delivery method
Distributed via web download
  
Dropping
MD5 ccfb12730ec7c922964da7217c9bd578
  
Dropping
SHA256 2d8fea0d43cdd0c083cf4d94267390fb91e82fc95af76865051f6d1d1214424e

Comments