MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 60c5a0f9bec272dec051bbb0c5dfd9eb2b10ef4f54494dbea486c55ad5cbf63d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 60c5a0f9bec272dec051bbb0c5dfd9eb2b10ef4f54494dbea486c55ad5cbf63d
SHA3-384 hash: 748f989c78b76ddd368d9c8155c9f4e87d4dcf7ce119328db3032979f2ba47ad381f1e92c3dc15090f6a67763d053872
SHA1 hash: f5718cea3211717f3d782bbffa700493e318e51f
MD5 hash: a36fccce9d024050809b9cbf984e64a2
humanhash: connecticut-potato-lake-item
File name:w.sh
Download: download sample
Signature Mirai
Create hunting rule
File size:1'849 bytes
First seen:2026-04-30 02:07:03 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 12:3d4vvd7RmRFZRcvdq5RcIvdmiAovdJEfEa7EIEHvdUnvdDXAwEvduMHvdOGvdcPb:MUJr5ibiVEfE2E5SXbXU0fMk
TLSH T1C031A7DE2304A7309109494DB7DCB5702E05E9C12AD98B0C968C08FA5FCED0CEAE1F54
Magika csv
Reporter BlinkzSec
URLMalware sample (SHA256 hash)SignatureTags
http://103.83.87.122/bins/xnxnxnxnxnxnxnxnaarch64xnxn8b215223e158a907955322d896f54cfa81aa13fc08ee21f44bb9febdc8c2735d Mirai103-83-87-122 elf mirai ua-wget
http://103.83.87.122/bins/xnxnxnxnxnxnxnxni386xnxn0cca6e881427723c8ae9f364f9fb9017f8aa46c3eadc3c8e2c1c9ff6b5ef5c28 Mirai103-83-87-122 elf mirai ua-wget
http://103.83.87.122/bins/xnxnxnxnxnxnxnxnloongarch64xnxnd656e79dfea0369230cf03b1ac6caf3f70e80ead258ae885d9397253976ea097 Mirai103-83-87-122 elf mirai ua-wget
http://103.83.87.122/bins/xnxnxnxnxnxnxnxnm68kxnxn84d0b566c811e65a4d340d0fc1f8d8fb1031d578a5a05b605b54b52009413d77 Mirai103-83-87-122 elf mirai ua-wget
http://103.83.87.122/bins/xnxnxnxnxnxnxnxnmicroblazexnxn28dcbcec7d8a7e3c3a80a93037514c5ba3e26c6cd70af9fc23bad400e6003019 Mirai103-83-87-122 elf mirai ua-wget
http://103.83.87.122/bins/xnxnxnxnxnxnxnxnmipsxnxnfb1d850282bf32890e024b8664964c0fd3ae9d3446950e32a3b17382436ba656 Mirai103-83-87-122 elf mirai ua-wget
http://103.83.87.122/bins/xnxnxnxnxnxnxnxnor1kxnxn5cbf9e3247217621a43293c10dff51b055dd2f3ddd371010d3be8364ce91978c Mirai103-83-87-122 elf mirai ua-wget
http://103.83.87.122/bins/xnxnxnxnxnxnxnxnpowerpcxnxnd550eef48d130eaecab1fd852c760cb6ba22eb4c3c57ef3cc333dd928c060142 Mirai103-83-87-122 elf mirai ua-wget
http://103.83.87.122/bins/xnxnxnxnxnxnxnxnriscv32xnxn11f348acdbd7ffc78c1f13e6cadc23d5ca82a3370a961e5bbabd62be1787f486 Mirai103-83-87-122 elf mirai ua-wget
http://103.83.87.122/bins/xnxnxnxnxnxnxnxnriscv64xnxn25f2cfc80db98a64ad69e6c094c3974c04c8a15a7a0351487d399baef1fb9ae4 Mirai103-83-87-122 elf mirai ua-wget
http://103.83.87.122/bins/xnxnxnxnxnxnxnxnsh2xnxn4899e3b74387abd6fb99c7d74944d9508c8e1a585e8910743a936a3747951712 Mirai103-83-87-122 elf mirai ua-wget
http://103.83.87.122/bins/xnxnxnxnxnxnxnxnsh4xnxnc506891a506da2a166e7bf1450c6e32a31c49d84438f4e91b0eb51272f38efa4 Mirai103-83-87-122 elf mirai ua-wget
http://103.83.87.122/bins/xnxnxnxnxnxnxnxnx86_64xnxn84393056121c85f513925b8d275e2588eb43c3ab3c6dac17ffdf9245fa79f68b Mirai103-83-87-122 elf mirai ua-wget

Intelligence

File Origin
# of uploads :
1
# of downloads :
42
Origin country :
SK SK
Vendor Threat Intelligence
No detections
Detection(s):
SecuriteInfo.com.Linux.Downloader-32.UNOFFICIAL
Create hunting rule

Verdict:
Clean
File Type:
ps1
First seen:
2026-04-29T23:22:00Z UTC
Last seen:
2026-04-29T23:39:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/60c5a0f9bec272dec051bbb0c5dfd9eb2b10ef4f54494dbea486c55ad5cbf63d/results?tab=lookup
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/60c5a0f9bec272dec051bbb0c5dfd9eb2b10ef4f54494dbea486c55ad5cbf63d
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/60c5a0f9bec272dec051bbb0c5dfd9eb2b10ef4f54494dbea486c55ad5cbf63d/
Verdict:
Malicious
Link:
https://tip.neiki.dev/file/60c5a0f9bec272dec051bbb0c5dfd9eb2b10ef4f54494dbea486c55ad5cbf63d
Threat name:
Document-HTML.Downloader.Heuristic
Create hunting rule
Status:
Malicious
First seen:
2026-04-30 02:17:09 UTC
File Type:
Text (Shell)
AV detection:
10 of 24 (41.67%)
Threat level:
  2/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=mdc2b6n6yjzn5qcrxoymlx6z5mvrb32pkreu3pveq3cvvvol6y6q._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/260430-ckezmaat5t/
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/60c5a0f9bec272dec051bbb0c5dfd9eb2b10ef4f54494dbea486c55ad5cbf63d

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 60c5a0f9bec272dec051bbb0c5dfd9eb2b10ef4f54494dbea486c55ad5cbf63d

(this sample)

Mirai

elf 63990e20a22b8ed8faf451a9e1f6226231e6a31833bf7eb87003253521cfb126

Mirai

elf 8b215223e158a907955322d896f54cfa81aa13fc08ee21f44bb9febdc8c2735d

  
URLhaus
https://urlhaus.abuse.ch/url/3835139/
  
Delivery method
Distributed via web download
  
Dropping
MD5 5c9264f3d5587bb6d8a123bd14897558
  
Dropping
SHA256 8b215223e158a907955322d896f54cfa81aa13fc08ee21f44bb9febdc8c2735d

Comments