MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 6b1c31524031abe57d8a56cf8741f3bf427d3bfefe5a73e1dbd50955b139626e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 6b1c31524031abe57d8a56cf8741f3bf427d3bfefe5a73e1dbd50955b139626e
SHA3-384 hash: 61232a535cb5ce2e2b3b315095d11045a96c25511840a58264fcfef0f24130cca4957b3db2710d77e3cfe4eed89793cf
SHA1 hash: 529934df793b31d6521bda4392694e7a8654a05f
MD5 hash: d7a05a5d89819f10174976c3228c73f2
humanhash: comet-two-social-summer
File name:tp
Download: download sample
Signature Mirai
Create hunting rule
File size:271 bytes
First seen:2025-08-13 16:24:41 UTC
Last seen:2025-08-14 01:30:23 UTC
File type: sh
MIME type:text/plain
ssdeep 6:LdUQN/s6IdUQN/idwdUQN/uNNIFZdUQN/Sa0LKifn:X/sl/iw/6NIj/H0LKon
TLSH T1C7D012AE745721D345A5DEB0B67294C0F026E5C0E07B5B8DE5C5887581D8921B054B74
Magika shell
Reporter abuse_ch
Tags:mirai sh
URLMalware sample (SHA256 hash)SignatureTags
http://66.63.187.141/arm4cd70744ef6cb273b118728efb46fe5f5c60abaaca71c965595926f2efd1d07be Miraielf gafgyt mirai ua-wget
http://66.63.187.141/arm52153f7f0232ac7e9fb23ee4c50aabb18c7f32ff2653f213796fb55b3229aabf4 Miraielf gafgyt mirai ua-wget
http://66.63.187.141/arm66062592a30f707d9cc1d5ba80dd76140736d28829df170f53a710bf182b83ce9 Miraielf mirai ua-wget
http://66.63.187.141/arm78caac9e05312ee38e05a89b23e920a5901c4c88736db0b345e5184dbef7ce50b Miraielf mirai ua-wget

Intelligence

File Origin
# of uploads :
2
# of downloads :
30
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Linux.Downloader-35.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Labled as:
TrojanDownloader/Linux.Mirai
Link:
https://www.hybrid-analysis.com/sample/6b1c31524031abe57d8a56cf8741f3bf427d3bfefe5a73e1dbd50955b139626e
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/6b1c31524031abe57d8a56cf8741f3bf427d3bfefe5a73e1dbd50955b139626e
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/6b1c31524031abe57d8a56cf8741f3bf427d3bfefe5a73e1dbd50955b139626e/
Verdict:
Malicious
Threat:
HEUR:Trojan-Downloader.Shell.Agent
Link:
https://tip.neiki.dev/file/6b1c31524031abe57d8a56cf8741f3bf427d3bfefe5a73e1dbd50955b139626e
Threat name:
Linux.Worm.Mirai
Create hunting rule
Status:
Malicious
First seen:
2025-08-13 16:08:58 UTC
File Type:
Text (Shell)
AV detection:
9 of 24 (37.50%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=nmodcusaggv6k7mkk3hyoqptx5bh2o767znhhyo32uevlmjzmjxa._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/6b1c31524031abe57d8a56cf8741f3bf427d3bfefe5a73e1dbd50955b139626e

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 6b1c31524031abe57d8a56cf8741f3bf427d3bfefe5a73e1dbd50955b139626e

(this sample)

Mirai

elf 4289fa94c83936a772cc9f214fc1bc5daa3ce2a2e53e919f22945eb298130b37

  
URLhaus
https://urlhaus.abuse.ch/url/3602004/
  
Delivery method
Distributed via web download
  
Dropping
MD5 1c41d1ca31d601ed1950e59e10246153
  
Dropping
SHA256 4289fa94c83936a772cc9f214fc1bc5daa3ce2a2e53e919f22945eb298130b37

Comments