MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 6518d127b1f1b6f61f5c0434292c06065f852db39581dc01591fea07fac0b2b8. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 6518d127b1f1b6f61f5c0434292c06065f852db39581dc01591fea07fac0b2b8
SHA3-384 hash: 712c3a33daa8bf52908e060a1bd28fabc8f7626afcd6d5c1f7ac4ea4c50f6c3dd153dd3ca36f027ba4b6c2bad931b5c1
SHA1 hash: 532bd756cd2516c33a122b5e6bc4d904f1ffda30
MD5 hash: d678a6f5d04e4f35c3e4c3b518e365d7
humanhash: minnesota-lamp-mississippi-nine
File name:mag
Download: download sample
Signature Mirai
Create hunting rule
File size:512 bytes
First seen:2025-03-15 00:18:43 UTC
Last seen:2025-03-15 03:01:50 UTC
File type: sh
MIME type:text/plain
ssdeep 12:od8VLLF9ZdFRLLF9ZdrLLF9ZdlI3LLF9Zdc7LLF9Zd8LLF9m:oKVLRlLRxLR7qLRO7LRqLO
TLSH T158F012DA3C01450D4D02D988253BCF11F911D2ECB180CB1A7DAB393AD0B8A587D21B88
Magika shell
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://87.120.253.44/re.bot.mipsac61fe040ab4b5679119b4bb6292fe940170c4511f1da3e780292bbac1a044f6 Miraiddos elf mirai
http://87.120.253.44/re.bot.mpslc08cddb3d6804838132d55afddce2bfdb6d0870977dad7eb99bdd3f73f75ba4e Miraiddos elf mirai
http://87.120.253.44/re.bot.armn/an/addos elf mirai
http://87.120.253.44/re.bot.arm5n/an/addos elf mirai
http://87.120.253.44/re.bot.arm707ef12e0741251ae867210ed7db52419181baefa7981075d41afcbd7567bd3d2 Miraiddos elf mirai
http://87.120.253.44/re.bot.aarch64n/an/addos elf mirai

Intelligence

File Origin
# of uploads :
2
# of downloads :
132
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Malicious
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=67d54b0a3962f1a6f4718ce3linux22vpnfull_triage
Tags:
medusa mirai agent virus
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/67d4c7c90a7899f35796d2ab/reports/fb14351a-6ed5-400b-b2cf-bb07347a7e7e/overview
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/6518d127b1f1b6f61f5c0434292c06065f852db39581dc01591fea07fac0b2b8
Result
Verdict:
MALICIOUS
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/6518d127b1f1b6f61f5c0434292c06065f852db39581dc01591fea07fac0b2b8
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/6518d127b1f1b6f61f5c0434292c06065f852db39581dc01591fea07fac0b2b8/
Threat name:
Linux.Trojan.Medusa
Create hunting rule
Status:
Malicious
First seen:
2025-03-15 08:36:12 UTC
File Type:
Text (Shell)
AV detection:
11 of 24 (45.83%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=mumncj5r6g3pmh24aq2cslagazpyklntswa5yakzd7vap6wawk4a._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/6518d127b1f1b6f61f5c0434292c06065f852db39581dc01591fea07fac0b2b8

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 6518d127b1f1b6f61f5c0434292c06065f852db39581dc01591fea07fac0b2b8

(this sample)

Mirai

elf 7c4da6ca887c3bb2a03c11a90e21057c1f2ef48f6f9e760ffe7c5401592bf201

  
URLhaus
https://urlhaus.abuse.ch/url/3477735/
  
Delivery method
Distributed via web download
  
Dropping
MD5 60492f54823aa2e56fdf484f5cb3df42
  
Dropping
SHA256 7c4da6ca887c3bb2a03c11a90e21057c1f2ef48f6f9e760ffe7c5401592bf201

Comments