MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 52416bd2866fd5bff683577cd1bafd19ca179fd9b4366a7f0a478912b35adec8. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 52416bd2866fd5bff683577cd1bafd19ca179fd9b4366a7f0a478912b35adec8
SHA3-384 hash: 51e0eaf886cae2927f10274d028f59c24fa11ba1046a1d15433cd2c2b0fba687fa3377ae8aee916c2520cec8922505b8
SHA1 hash: 1a0b453a6ee18ae90a75d859c6dfd935ba5bdf61
MD5 hash: f5d0486980c03eb547c154daf9276458
humanhash: cold-speaker-aspen-cold
File name:and
Download: download sample
Signature Mirai
Create hunting rule
File size:3'543 bytes
First seen:2025-04-04 20:07:10 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 48:xwEsWXlff1A29pxCYNLj/a41a2KuK+Xc7tyOT7NhBH8:L71A2NJLG442OE
TLSH T14C7126CB2763693D094FC88135D28989B3147ADAB08437CCD548127A5543EAEB8E9FFC
Magika txt
Reporter abuse_ch
Tags:mirai sh
URLMalware sample (SHA256 hash)SignatureTags
http://160.191.243.33/an/an/amirai moobot sh
http://160.191.243.33/most-arm0dce1881f5120bd71343573cca5cacb52630c2768fa45bf5498f69c80d303a15 Miraielf mirai moobot
http://160.191.243.33/most-arm5437057efefd5c80a0278295a72b8a033f844c0d3e728d4d7c57bb89da69feea0 Miraielf mirai moobot
http://160.191.243.33/most-arm6c0d756ea0c5a4dacd3b6fe8e564218acaa0bdb479260131ddbccbc0a17fe2521 Miraielf mirai moobot
http://160.191.243.33/most-arm740bfa14aadc4aa4067ec27b05e84c2a06b02edc652cff3fa0dd9124d7312f35e Miraielf mirai moobot
http://160.191.243.33/most-m68k97333d7b23788893aa5bf17a82c18995589b9d48bd9aecd7b172d1f9b7d29ef4 Miraielf mirai moobot
http://160.191.243.33/most-mips456855a10afc3beeb9bdeab453cf52167642032ea250e16e9419327201de39d3 Miraielf mirai moobot
http://160.191.243.33/most-mpslad4ea2e99092e2e5511993c37051c6c18767464b93b5ddf9b5fdb87565b62ac0 Miraielf mirai moobot
http://160.191.243.33/most-ppce046eae1f9862254c2126c741696f6f3a7ccb1682382e6a4ec43a0b07cd594f3 Miraielf mirai moobot
http://160.191.243.33/most-sh4b27b57e2653db26cc94c9032b9c60c73e4a97cae758c00105ee879c7fc787060 Miraielf mirai moobot
http://160.191.243.33/most-spc45c3040bb3b4d691f36366bce288bc953d13d2174d7ad33e5521d0c6e6695e76 Miraielf mirai moobot
http://160.191.243.33/most-x86d2dc63cb392e472255dc0024a9e41f2f156e4b016b98bcd65e40124d551d131a Miraielf mirai moobot
http://160.191.243.33/most-x86_6437655e6676ef77fe577eb4ad5ff1562290bec739bef988fc6aeb36f9802a6700 Miraielf mirai moobot

Intelligence

File Origin
# of uploads :
1
# of downloads :
112
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Malicious
Score:
99.1%
Link:
https://cyber-fortress.com/docs/result/index.php?id=67f0cc0fcfd0a37f830e987dlinux22vpnfull_triage
Tags:
mirai ddos
Verdict:
Suspicious
Threat level:
  5/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/67f03bf4b070fb3f945f033e/reports/e1b232cc-347a-4867-b6ba-a609c1d8d161/overview
Verdict:
Malicious
Labled as:
Bash.MiraiA.Generic
Link:
https://www.hybrid-analysis.com/sample/52416bd2866fd5bff683577cd1bafd19ca179fd9b4366a7f0a478912b35adec8
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/52416bd2866fd5bff683577cd1bafd19ca179fd9b4366a7f0a478912b35adec8
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/52416bd2866fd5bff683577cd1bafd19ca179fd9b4366a7f0a478912b35adec8/
Threat name:
Script-Shell.Trojan.Alevaul
Create hunting rule
Status:
Malicious
First seen:
2025-04-04 21:53:15 UTC
File Type:
Text (Shell)
AV detection:
11 of 24 (45.83%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=kjawxuugn7k375udk56ndox5dhfbph6zwq3gu7yki6erfm2233ea._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/52416bd2866fd5bff683577cd1bafd19ca179fd9b4366a7f0a478912b35adec8

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 52416bd2866fd5bff683577cd1bafd19ca179fd9b4366a7f0a478912b35adec8

(this sample)

MooBot

sh acda26fe90bf774c981f53fe0f5bc3d35b4eae204d081467e708a7dbe5a25501

  
URLhaus
https://urlhaus.abuse.ch/url/3501304/
  
Delivery method
Distributed via web download
  
Dropping
MD5 f775ab0eb4d0eedb1970413bf5bf40b4
  
Dropping
SHA256 acda26fe90bf774c981f53fe0f5bc3d35b4eae204d081467e708a7dbe5a25501

Comments