MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7562a7cbfc436a63a3bf6cad96fb59673e37b5f93baac526dc90d856f80c3215. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 8



SHA256 hash: 7562a7cbfc436a63a3bf6cad96fb59673e37b5f93baac526dc90d856f80c3215
SHA3-384 hash: 6696f9212dd2a824c17c1a1149b938498ec3a771c42bdfc5d8dab6a2d12575122e93878d6346ad08e4691b3131066cc8
SHA1 hash: 89ad928b5f4816167150ac33ff413224092609f2
MD5 hash: ad73b61066f2d33b52ff5e83adccd214
humanhash: sodium-missouri-earth-bakerloo
File name: jack5tr.sh
Signature: Mirai
File size: 2'039 bytes
First seen: 2026-03-27 15:02:00 UTC
Last seen: Never
File type: sh
MIME type: text/x-shellscript
ssdeep: 24:ItDyd/sN/sk/s3Wold/sMYM/srG/s//sSfHZ/s1/sFh/sKT/sg/scReH:ieG2z3WeGMyrRMcHKe8HnD
TLSH: T1214114CB22630B762DA2E963F2F905847180F19574D8EE5CEEEC7EF8628CD047194A47
TrID: 70.0% (.SH) Linux/UNIX shell script (7000/1); 30.0% (.) Unix-like shebang (var.3) (gen) (3000/1)
Magika: shell
Reporter: BlinkzSec
Tags: mirai

Intelligence


File Origin
Number of uploads: 1
Number of downloads: 45
Origin country: GB
Vendor Threat Intelligence
No detections
Result
Gathering data
Verdict: Malicious
File Type: unix shell
Detections: HEUR:Trojan-Downloader.Shell.Agent.p HEUR:Trojan-Downloader.Shell.Agent.gen HEUR:Trojan-Downloader.Shell.Agent.a
Threat name: Linux.Downloader.Medusa
Status: Malicious
First seen: 2026-03-27 15:00:06 UTC
File Type: Text (Shell)
AV detection: 22 of 36 (61.11%)
Threat level: 3/5
Result
Malware family:
Score: 10/10
Tags: family:mirai antivm botnet defense_evasion discovery linux
Behaviour
Reads runtime system information
System Network Configuration Discovery
Writes file to tmp directory
Changes its process name
Checks CPU configuration
File and Directory Permissions Modification
Executes dropped EXE
Contacts a large (421016) amount of remote hosts
Creates a large amount of network flows
Mirai
Mirai family
Malware Config
C2 Extraction: bot.floppaproxy.com
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method: Distributed via web download
