MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 42454cd009a97389210b905e65b6e742767435d3126e7d63ef20ac5c802adbde. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 5



SHA256 hash: 42454cd009a97389210b905e65b6e742767435d3126e7d63ef20ac5c802adbde
SHA3-384 hash: e320d18060604e4e6d5b5edbd7f21f054b5fa621c16aa22a3e5976d7c291b9cdc510609370a57cfbd45ea27877c221d7
SHA1 hash: 6d2ecd62c575b0d6753f063c541e7a7348526b4f
MD5 hash: ef911812c1ea987cd79791155472af14
humanhash: september-montana-massachusetts-mockingbird
File name: ssh
Signature: Mirai
File size: 515 bytes
First seen: 2025-08-01 09:03:24 UTC
Last seen: 2025-08-02 02:49:23 UTC
File type: sh
MIME type: text/plain
ssdeep: 12:XSoa9Rx5StCD9P5SZ/o/5SYw9v5SIRx5S/5B15Sv0ydU:XCnuomOnwH/aoS
TLSH: T100F090DE85AF25914169B8A0723AECACF0A1C5C53D762BADE6C44E35C0ACD20F058A74
Magika: txt
Reporter: abuse_ch
Tags: sh
| URL | Malware sample (SHA256 hash) | Signature | Tags |
| --- | --- | --- | --- |
| http://66.63.187.141/lmips | 2371828e7734b156b6d1a53c54970ba164c6b28e4fdc6db385ae9549ccdc3c69 | Mirai | DEU elf geofenced mirai ua-wget |
| http://66.63.187.141/lmpsl | adb5177ed548c8ef27c0bd431503021d0e3af507b7f0f865967fa3a02059165e | Mirai | DEU elf geofenced mirai ua-wget |
| http://66.63.187.141/larm | n/a | n/a | n/a |
| http://66.63.187.141/larm5 | def2ada2b4b3e56153d1acfb2ff5c0c6a5ef279a026899c8b98e7e79822ffcc5 | Mirai | DEU elf gafgyt geofenced mirai ua-wget |
| http://66.63.187.141/larm6 | dfc1186a9e6afbe40937682af7edb89f9fb2931bdf58946354b574014a89667c | Mirai | elf mirai ua-wget |
| http://66.63.187.141/larm7 | 8ddeac81221f80b234e76ee908d12d1075adcacd05b541fde9c3001839f03dbc | Mirai | DEU elf geofenced mirai ua-wget |
| http://66.63.187.141/lx86 | 584342ec4fd8fefc59c7fbfbcab72f41f277439780500f25469b92ef30a67fab | Mirai | elf gafgyt mirai ua-wget |

Intelligence


File Origin
# of uploads: 2
# of downloads: 27
Origin country: DE
Vendor Threat Intelligence
Verdict: Malicious
Threat: HEUR:Trojan-Downloader.Shell.Agent
Threat name: Linux.Trojan.Multiverze
Status: Malicious
First seen: 2025-07-31 18:49:24 UTC
File Type: Text (Shell)
AV detection: 12 of 38 (31.58%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method: Distributed via web download
