MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7386a6be0efa8c9df0a33d3838da49fe43a139dd7d7c66ad4b18cf0592bb86d7. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 7386a6be0efa8c9df0a33d3838da49fe43a139dd7d7c66ad4b18cf0592bb86d7
SHA3-384 hash: 81eabe5cb38cf885d5ee0b41228e7701fc470220ed90e0cd11af283845e92fa0c619bef8f8c84be153b19e36c188acb6
SHA1 hash: ec8bb27453dd9177a88529d5edfb3b3fcb3a7335
MD5 hash: 9b98049413ef2df26493043857eff119
humanhash: arizona-alaska-social-triple
File name:wget.sh
Download: download sample
Signature Mirai
Create hunting rule
File size:460 bytes
First seen:2025-02-11 06:36:40 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 6:SuUQAAH+KoHXZj+UQAXZtB2XZpUQAEkvuR0wXZXUQMMUVJT5WHXbKDaUQMoIaRIU:qUkXvXAXYEkG0wXmMQT5OXmDNEhD2X8
TLSH T126F0E94D5A513063C2F4DE95F6728AD9B046C3882CB603ECFCD3887D84E1211B040E5B
Magika txt
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://66.63.187.69/arm6n/an/aelf mirai ua-wget
http://66.63.187.69/arm5n/an/aelf mirai ua-wget
http://66.63.187.69/arm7n/an/aelf mirai ua-wget
http://66.63.187.69/mipsn/an/a32-bit elf mirai
http://66.63.187.69/mpsln/an/aelf mirai ua-wget

Intelligence

File Origin
# of uploads :
1
# of downloads :
66
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Malicious
Score:
97.4%
Link:
https://cyber-fortress.com/docs/result/index.php?id=67aaf045f667f46cd182eee0linux22vpnfull_triage
Tags:
trojan mirai agent virus
Result
Verdict:
UNKNOWN
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/7386a6be0efa8c9df0a33d3838da49fe43a139dd7d7c66ad4b18cf0592bb86d7
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/7386a6be0efa8c9df0a33d3838da49fe43a139dd7d7c66ad4b18cf0592bb86d7/
Threat name:
Win32.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2025-02-11 06:37:17 UTC
File Type:
Text (Shell)
AV detection:
9 of 24 (37.50%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=oodknpqo7kgj34fdhu4drwsj7zb2coo5pv6gnlklddhqlev3q3lq._file
Result
Malware family:
n/a
Score:
  8/10
Tags:
discovery
Link:
https://tria.ge/reports/250211-hdk5ysyrdw/
Behaviour
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates physical storage devices
System Location Discovery: System Language Discovery
System Network Configuration Discovery: Internet Connection Discovery
Downloads MZ/PE file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/7386a6be0efa8c9df0a33d3838da49fe43a139dd7d7c66ad4b18cf0592bb86d7

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 7386a6be0efa8c9df0a33d3838da49fe43a139dd7d7c66ad4b18cf0592bb86d7

(this sample)

Mirai

elf e547306d6dee4b5b2b6ce3e989b9713a5c21ebe3fefa0f5c1a1ea37cec37e20f

  
URLhaus
https://urlhaus.abuse.ch/url/3425049/
  
Delivery method
Distributed via web download
  
Dropping
MD5 dd5257b6645729acaac5b97330347102
  
Dropping
SHA256 e547306d6dee4b5b2b6ce3e989b9713a5c21ebe3fefa0f5c1a1ea37cec37e20f

Comments