MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 76074060840a27a142637c8e038efbb1fb1ce866a9e274cb8a8f4ba7365e6ec5. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 6


Intelligence 6 IOCs YARA 1 File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 76074060840a27a142637c8e038efbb1fb1ce866a9e274cb8a8f4ba7365e6ec5
SHA3-384 hash: 1aeae45cb1ff95e9e024e48ae2a1a34b0960acfd0e4d7e60a6e5c69a2801081bed80d6689c2ff482053cf989f9c3383c
SHA1 hash: cdf0f60a1d9f1a1678e42f5565cb42f9eea9cdac
MD5 hash: 8be6f5aa0de98a9aee4b266da0061cd7
humanhash: happy-berlin-nitrogen-colorado
File name:t
Download: download sample
Signature Mirai
Create hunting rule
File size:241 bytes
First seen:2025-06-11 21:59:20 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 6:L6FGaxAjt5uKNIRvJV6FGot5u8zTHBV6FG3Gjt5uWFaKLKiC:eAjtAKNIVJUtA8zTHBLGjtA3KLK7
TLSH T1F4D0A7F6B13346C74458CE1AF065EC80B0BAE79F4223DFE82D6E381E20388303011E54
Magika txt
Reporter abuse_ch
Tags:mirai sh
URLMalware sample (SHA256 hash)SignatureTags
http://213.209.143.44/arm632ee9608c05bd0b9e569a4be873e4c82bcb1ad7c63e408c2c43cd3e9859bf4f4 Miraielf mirai
http://213.209.143.44/arm5829188885aebea92bb695e713ffb1b1dd889bb7f59d4774cfd61f0b3be2eb98f Miraielf mirai
http://213.209.143.44/arm7d272c1dc14542558532ea0b5f242882a062f2f0fe15f1ad51390507972f6f462 Miraielf mirai

Intelligence

File Origin
# of uploads :
1
# of downloads :
76
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Linux.Downloader-34.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
96.5%
Link:
https://cyber-fortress.com/docs/result/index.php?id=684a9dcf07b5e8c1cfe667calinux22vpnfull_triage
Tags:
trojandownloader mirai agent virus
Verdict:
Malicious
Labled as:
TrojanDownloader/Linux.Mirai
Link:
https://www.hybrid-analysis.com/sample/76074060840a27a142637c8e038efbb1fb1ce866a9e274cb8a8f4ba7365e6ec5
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/76074060840a27a142637c8e038efbb1fb1ce866a9e274cb8a8f4ba7365e6ec5
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/76074060840a27a142637c8e038efbb1fb1ce866a9e274cb8a8f4ba7365e6ec5/
Threat name:
Linux.Downloader.Generic
Create hunting rule
Status:
Suspicious
First seen:
2025-06-12 00:54:00 UTC
File Type:
Text (Shell)
AV detection:
10 of 24 (41.67%)
Threat level:
  3/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=oyduayeebit2cqtdpshahdx3wh5rz2dgvhrhjs4kr5f2ons6n3cq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

YARA Signatures

MalwareBazaar uses YARA rules from several public and non-public repositories, such as YARAhub and Malpedia. Those are being matched against malware samples uploaded to MalwareBazaar as well as against any suspicious process dumps they may create. Please note that only results from TLP:CLEAR rules are being displayed.

Rule name:ach_202412_suspect_bash_script
Create hunting rule
Author:abuse.ch
Description:Detects suspicious Linux bash scripts

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 76074060840a27a142637c8e038efbb1fb1ce866a9e274cb8a8f4ba7365e6ec5

(this sample)

Mirai

elf 922732f127340c00ab3d6afb390fd833bbcdb94f502344d23da05757db98b044

  
URLhaus
https://urlhaus.abuse.ch/url/3532740/
  
Delivery method
Distributed via web download
  
Dropping
MD5 16bf25e519d5f284343435f3a0b286dd
  
Dropping
SHA256 922732f127340c00ab3d6afb390fd833bbcdb94f502344d23da05757db98b044

Comments