MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 52cf69deca0da7f759a1b4afcb74dae344ec5ab896625a3a0f6d778650a845dc. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 52cf69deca0da7f759a1b4afcb74dae344ec5ab896625a3a0f6d778650a845dc
SHA3-384 hash: dcc7faa2ceb7af7fb35cc12ef5b8072235d2e8c3cde437cd310114d3a5d965924331c6d3fc669caf74af0bebf0bf9ea3
SHA1 hash: e0eb6670e4458620d82eaa7da9996785f42e3b74
MD5 hash: f153dcc4db3131dea9f7151e98ebd144
humanhash: rugby-ink-thirteen-west
File name:w.sh
Download: download sample
Signature Mirai
Create hunting rule
File size:851 bytes
First seen:2025-02-07 06:46:03 UTC
Last seen:Never
File type: sh
MIME type:text/x-shellscript
ssdeep 12:OSUAPQSAeIDS0sQS6BSkuqSuVatS8A7OfBSARSggW0S4Sk/SkX5wQSwd:O4IReI20B3JPQjfBFRl4/NlCQJ
TLSH T1EE012ACE52B13028A404E94161674489B106E7D22DD98BE4BFEE2A33A284AD07C7CE47
Magika shell
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://93.123.109.120/bejv861663b78b27d276fe08994d9c12ce8f5d5ce3f3be08754427dc710457f5f69a53 Miraielf mirai
http://93.123.109.120/weje64aca1ce7912a2ab6360ecbe83f7f04263549430daa46a1cff34e8f25b79f24387 Miraielf mirai
http://93.123.109.120/rrrdsl9523abc17cfde9e084e16992449a34b0cb3633bccb70ecd639e6ccb9c7611f1c Miraielf mirai
http://93.123.109.120/jfeepsa3398e60f5233078c40608e0711d39a7481ed0cd521eab711b34339dde34f7a1 Mirai32-bit elf mips mirai
http://93.123.109.120/drea4f0baff81c648dbcb10c758da8a2236bca1665637c639de713e773730b66ed78f Miraielf mirai
http://93.123.109.120/vejfa564164ee96e554c0c6d3d66d9fedf139e5cd94a78740f4718c736a925512cc97c Miraielf mirai
http://93.123.109.120/efea6bc64edc10bed383682e7583b41249c47dc8b5533d23fe907dd0115078b1bb770 Miraielf mirai
http://93.123.109.120/efefa7d5e7b12a71d1e7cdb5f9b5e6b18325fd6389584680903f11607cf4aca59057ca Miraielf mirai
http://93.123.109.120/eehah4dfa12097adc4d95066da0a53c2fd94f2c63f9be1fb421f3d21f50d692c73ecbb Miraielf mirai
http://93.123.109.120/rjfe68682f51553e8b7f7bce47f729d857582e1a96e600a3bf31f2c341f987c560d7422 Miraielf mirai
http://93.123.109.120/vjwe68ke83e37093fdb226cb0f16003021e0a21f450bc54b36caacde168e378a4762006 Miraielf mirai
http://93.123.109.120/efjepc22de82808211e599d2e31838a3ea61702b56fff0deab1732aefac47f77b001e5 Miraielf mirai

Intelligence

File Origin
# of uploads :
1
# of downloads :
80
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Malicious
Score:
90.2%
Link:
https://cyber-fortress.com/docs/result/index.php?id=67a5acfbab8a2d1c6bcd6252linux22vpnfull_triage
Tags:
malware
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/67a5ac3ac039745a58bebaba/reports/95038940-8227-4f8b-9b8d-eab998f7a293/overview
Result
Verdict:
UNKNOWN
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/52cf69deca0da7f759a1b4afcb74dae344ec5ab896625a3a0f6d778650a845dc
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/52cf69deca0da7f759a1b4afcb74dae344ec5ab896625a3a0f6d778650a845dc/
Threat name:
Win32.Trojan.Vigorf
Create hunting rule
Status:
Malicious
First seen:
2025-02-07 06:46:20 UTC
File Type:
Text (Shell)
AV detection:
11 of 24 (45.83%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=klhwtxwkbwt7ownbwsx4w5g24ncoywvyszrfuoqpnv3ymufiixoa._file
Result
Malware family:
n/a
Score:
  1/10
Tags:
linux
Link:
https://tria.ge/reports/250207-hjrjxstqem/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/52cf69deca0da7f759a1b4afcb74dae344ec5ab896625a3a0f6d778650a845dc

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 52cf69deca0da7f759a1b4afcb74dae344ec5ab896625a3a0f6d778650a845dc

(this sample)

Mirai

elf 1663b78b27d276fe08994d9c12ce8f5d5ce3f3be08754427dc710457f5f69a53

  
URLhaus
https://urlhaus.abuse.ch/url/3430679/
  
Delivery method
Distributed via web download
  
Dropping
MD5 2fb1fe50835a4463ee1bc87c400ccb8d
  
Dropping
SHA256 1663b78b27d276fe08994d9c12ce8f5d5ce3f3be08754427dc710457f5f69a53

Comments