MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 4e08c8462c7bf4df1885caf3018e840f4511ef14e7c00658705f34179502bfdb. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 4e08c8462c7bf4df1885caf3018e840f4511ef14e7c00658705f34179502bfdb
SHA3-384 hash: 8e0b1518bd60ed04a11af89c4dff80e7bf6308c2209e45f6065fd62321266c1a219bf4bb14b4552d29f258ec14bc9316
SHA1 hash: e6c422ba60e4a2412eedbc50f3a8cd2e7d1d3c6a
MD5 hash: 0a1075a3e6dfe4ccf892898e998c0396
humanhash: purple-nuts-summer-zulu
File name:massload
Download: download sample
Signature Mirai
Create hunting rule
File size:1'615 bytes
First seen:2025-04-26 14:49:16 UTC
Last seen:2025-04-27 06:21:55 UTC
File type: sh
MIME type:text/plain
ssdeep 24:GIbTt2joHzyKXK79ts20ow0FKX2D7SiI+rTvKX1DxRKI+jjSnKXw:jTtSoTyOXoFFeoTFeJ
TLSH T13531A598BE91DFB21742DF42F0328125D06BDAC914948A15BCAB507EDDBCF093835E5B
Magika shell
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://46.29.235.158/mipsfaa6b6ccec1b18c325a97da222ec92e00d224b161b42b73369a4820258df18b1 Miraicensys elf mirai ua-wget
http://46.29.235.158/mpslc400dd181bffd08e441b052233ddfec1619b48b8a36f682bb793a581b5f509a5 Miraicensys elf mirai ua-wget
http://46.29.235.158/arm4213db0ad43bbab90ac80e04d7c25f50c62ea633cdf18078f0a9442b162e573a9 Miraicensys elf mirai ua-wget
http://46.29.235.158/arm51a04daf9c902b7befb47cb6fb20953f0251724dd09ec01e8ace9b3b55dfdfc8c Miraicensys elf mirai ua-wget
http://46.29.235.158/arm76b04b6da5315923abb30d077eb8075b8ee5f0a755c6afd271518b05863c6e66d Miraicensys elf mirai ua-wget
http://46.29.235.158/ppc8ea6330734041e87489ddb6689f7e93a5b66af8db0dcc0c2375d515bf96f41ba Miraicensys elf mirai ua-wget
http://46.29.235.158/sh450abefd1e93087ea7b32c236899a71b8c28646cdf51de6d285b1f60c9e778ec2 Miraicensys elf mirai ua-wget
ftp://6.29.235.158:8021/mipsn/an/an/a
ftp://6.29.235.158:8021/mpsln/an/an/a
ftp://6.29.235.158:8021/arm4n/an/an/a
ftp://6.29.235.158:8021/arm5n/an/an/a
ftp://6.29.235.158:8021/arm7n/an/an/a

Intelligence

File Origin
# of uploads :
2
# of downloads :
63
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Malicious
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=680ddb48cc5fb3600cc329d0linux22vpnfull_triage
Tags:
trojan mirai agent virus
Verdict:
Likely Malicious
Threat level:
  7.5/10
Confidence:
100%
Tags:
lolbin mirai remote
Link:
https://www.filescan.io/uploads/680cf2aa218c4a98ade31204/reports/d4e51e1a-cf64-4dbd-be7d-d587f0fef1c2/overview
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/4e08c8462c7bf4df1885caf3018e840f4511ef14e7c00658705f34179502bfdb
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/4e08c8462c7bf4df1885caf3018e840f4511ef14e7c00658705f34179502bfdb
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/4e08c8462c7bf4df1885caf3018e840f4511ef14e7c00658705f34179502bfdb/
Threat name:
Script-Shell.Worm.Mirai
Create hunting rule
Status:
Malicious
First seen:
2025-04-26 16:22:31 UTC
File Type:
Text (Shell)
AV detection:
9 of 24 (37.50%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=jyemqrrmpp2n6gefzlzqddueb5crd3yu47aamwdql42bpficx7nq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/4e08c8462c7bf4df1885caf3018e840f4511ef14e7c00658705f34179502bfdb

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 4e08c8462c7bf4df1885caf3018e840f4511ef14e7c00658705f34179502bfdb

(this sample)

Mirai

elf c44c4ff70ebb5af28e2313f273f627c7cb5011e5cdee8627febc5b521b29db60

  
URLhaus
https://urlhaus.abuse.ch/url/3526668/
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3526671/
  
Dropping
MD5 35c8614595a9586851a2f00ac8f4ccfc
  
Dropping
SHA256 c44c4ff70ebb5af28e2313f273f627c7cb5011e5cdee8627febc5b521b29db60

Comments