MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3b452c210cd732d2df19c6d962cda7b4a5e8f5b17ec7eeae83786dc1c9e54302. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 3b452c210cd732d2df19c6d962cda7b4a5e8f5b17ec7eeae83786dc1c9e54302
SHA3-384 hash: 0a2b9589f8b67a687d3910aa7939c20fbb0779b8922e1280db06f8e05d3f24778142355a9143607206b77670edd9a86a
SHA1 hash: bffc1c91835485999d1c1f1a44addea460ee4514
MD5 hash: d812a572551dbd8f43e2d67630af3c06
humanhash: fix-ink-virginia-edward
File name:chomp
Download: download sample
Signature Mirai
Create hunting rule
File size:152 bytes
First seen:2025-01-20 21:16:57 UTC
Last seen:2025-01-21 18:25:56 UTC
File type: sh
MIME type:text/plain
ssdeep 3:LxAjXWgryV8BzSHEomxQERUmOezgxAjXWgryLQFGBzSHEo8QFLRIWLmA:LwWgryV8kE1FzgwWgryLQFGkErQFmWaA
TLSH T1A8C08CC9A02233004408BCB0303128893163CC86A2B84BEF5E428032CCAA630F338A08
Magika shell
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://193.143.1.54/nabmips464b767532880910ad5a615225792238f340f8c020f31599b39bc1e3fc97209d Mirai501 censys elf mirai ua-wget
http://193.143.1.54/nabmpsl5a188fb57cf62e7accc4eca0e37b7ccdec300c6c966dec2531b4e5bd745f369d Mirai501 censys elf mirai ua-wget

Intelligence

File Origin
# of uploads :
2
# of downloads :
107
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Linux.Downloader-35.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
90.2%
Link:
https://cyber-fortress.com/docs/result/index.php?id=678f4e3db5602ee8cdae3ebdlinux22vpnfull_triage
Tags:
mirai
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/678ebd4fd1baa6cf8690c736/reports/120ee70b-0658-48d1-94d1-d43e646f3a57/overview
Verdict:
Suspicious
Labled as:
SH/Mirai.C.gen
Link:
https://www.hybrid-analysis.com/sample/3b452c210cd732d2df19c6d962cda7b4a5e8f5b17ec7eeae83786dc1c9e54302
Result
Verdict:
UNKNOWN
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/3b452c210cd732d2df19c6d962cda7b4a5e8f5b17ec7eeae83786dc1c9e54302
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/3b452c210cd732d2df19c6d962cda7b4a5e8f5b17ec7eeae83786dc1c9e54302/
Threat name:
Script.Trojan.Multiverze
Create hunting rule
Status:
Malicious
First seen:
2025-01-20 21:11:13 UTC
File Type:
Text (Shell)
AV detection:
5 of 24 (20.83%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=hncsyiim24znfxyzy3mwftnhwss6r5nrp3d65ludpbw4dspfimba._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/3b452c210cd732d2df19c6d962cda7b4a5e8f5b17ec7eeae83786dc1c9e54302

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 3b452c210cd732d2df19c6d962cda7b4a5e8f5b17ec7eeae83786dc1c9e54302

(this sample)

Mirai

elf 464b767532880910ad5a615225792238f340f8c020f31599b39bc1e3fc97209d

  
URLhaus
https://urlhaus.abuse.ch/url/3407521/
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3407546/
  
URLhaus
https://urlhaus.abuse.ch/url/3407630/
  
URLhaus
https://urlhaus.abuse.ch/url/3407843/
  
URLhaus
https://urlhaus.abuse.ch/url/3407850/
  
URLhaus
https://urlhaus.abuse.ch/url/3407944/
  
URLhaus
https://urlhaus.abuse.ch/url/3407958/
  
URLhaus
https://urlhaus.abuse.ch/url/3408106/
  
URLhaus
https://urlhaus.abuse.ch/url/3408123/
  
URLhaus
https://urlhaus.abuse.ch/url/3407656/
  
Dropping
MD5 ac0a7503600160df2d8c6be8e861ae64
  
Dropping
SHA256 464b767532880910ad5a615225792238f340f8c020f31599b39bc1e3fc97209d

Comments