MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 533f6eba660cbb3a011133f2ede8ef9005d9b50acc1db8ae00f47c4d6f11b6f1. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 533f6eba660cbb3a011133f2ede8ef9005d9b50acc1db8ae00f47c4d6f11b6f1
SHA3-384 hash: f3f39228e3b176731864cf0801bb7da1a86f6548332125ca0146c6ebfb4f7229ace5443b29f6e901455858303f5032ef
SHA1 hash: f29c5dc0f79a42b53c9599545ed70a91b4e9f756
MD5 hash: 59dcf9c929066e504e2ee4ba645298af
humanhash: georgia-papa-one-yankee
File name:r
Download: download sample
Signature Mirai
Create hunting rule
File size:946 bytes
First seen:2025-11-28 18:01:22 UTC
Last seen:Never
File type: sh
MIME type:text/x-shellscript
ssdeep 24:boWByTwIStndn8mUXmfmFmifmjmSKAH2K2atkk0:boGyTStdn8TWUPfq5vH25at/0
TLSH T1D711E9EA7290536685C98F12E2516935B74B5ADFD4581EDCB0CF38758B59C047025F07
TrID 70.0% (.SH) Linux/UNIX shell script (7000/1)
30.0% (.) Unix-like shebang (var.3) (gen) (3000/1)
Magika shell
Reporter abuse_ch
Tags:mirai sh
URLMalware sample (SHA256 hash)SignatureTags
http://103.146.23.141/mips8940a2d83740ea74154a6ede90488eb87e10ca22f092597e9c27f00ae380f8cb Miraielf geofenced mips mirai ua-wget USA
http://103.146.23.141/mpsl5add3655c138947e54f6e93f583e7704a9a33ea87a1c76eb5322358d9d6d992e Miraielf geofenced mips mirai ua-wget USA
http://103.146.23.141/armfe97cfdc07d40ad61d688edb30b6d7fdb500c0d6db85f7d1f9e639173922f4ab Miraiarm elf geofenced mirai ua-wget USA
http://103.146.23.141/arm55b94659fba807f800bca96cbf40d6be1da4306e21b0f6f2579c41f70585690e9 Miraiarm elf geofenced mirai ua-wget USA
http://103.146.23.141/arm721c9e1189e8447ddb5e233401d47ac4be0321d988e081a75a074d4414cf1a5a8 Miraiarm elf geofenced mirai ua-wget USA
http://103.146.23.141/x8686b6d6e282d0c889d7e97e6414672b37cbcb016d8f133212958a9b3af90c53e5 Miraielf mirai ua-wget

Intelligence

File Origin
# of uploads :
1
# of downloads :
24
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Malicious
Labled as:
Trojan[Downloader]/Shell.Agent
Link:
https://www.hybrid-analysis.com/sample/533f6eba660cbb3a011133f2ede8ef9005d9b50acc1db8ae00f47c4d6f11b6f1
Result
Gathering data
Score:
99%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/533f6eba660cbb3a011133f2ede8ef9005d9b50acc1db8ae00f47c4d6f11b6f1
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/533f6eba660cbb3a011133f2ede8ef9005d9b50acc1db8ae00f47c4d6f11b6f1/
Verdict:
Malicious
Threat:
Trojan-Downloader.Shell.Agent
Link:
https://tip.neiki.dev/file/533f6eba660cbb3a011133f2ede8ef9005d9b50acc1db8ae00f47c4d6f11b6f1
Threat name:
Linux.Worm.Mirai
Create hunting rule
Status:
Malicious
First seen:
2025-11-28 17:43:02 UTC
File Type:
Text (Shell)
AV detection:
14 of 36 (38.89%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=km7w5otgbs5tuairgpzo32hpsac5tnikzqo3rlqa6r6e23yrw3yq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Suspicious File
Score:
0.31
Link:
https://yomi.yoroi.company/submissions/533f6eba660cbb3a011133f2ede8ef9005d9b50acc1db8ae00f47c4d6f11b6f1

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 533f6eba660cbb3a011133f2ede8ef9005d9b50acc1db8ae00f47c4d6f11b6f1

(this sample)

Mirai

elf 8940a2d83740ea74154a6ede90488eb87e10ca22f092597e9c27f00ae380f8cb

  
URLhaus
https://urlhaus.abuse.ch/url/3718764/
  
Delivery method
Distributed via web download
  
Dropping
MD5 526fae8371c976de947c8cbe86c7a0e7
  
Dropping
SHA256 8940a2d83740ea74154a6ede90488eb87e10ca22f092597e9c27f00ae380f8cb

Comments