MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7bb8639f32cc58e1a82dcfb63b0fd6b6ecca89d25b496ce934e6b45da7e132e8. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 8


Intelligence 8 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 7bb8639f32cc58e1a82dcfb63b0fd6b6ecca89d25b496ce934e6b45da7e132e8
SHA3-384 hash: d614d8919982c1ba674f8a0e252cbd7253efa44c92ab5211e941607da398c03ab031b00bd00d85892caf63fd6b44edfc
SHA1 hash: 821a9ac4abe11e51e250e71479740d34ca9c6110
MD5 hash: f7551b41af7ef5dc52a73cb42366c069
humanhash: leopard-oscar-vegan-oregon
File name:and
Download: download sample
Signature Mirai
Create hunting rule
File size:3'502 bytes
First seen:2025-04-17 23:15:05 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 48:N0hfL1Ag7pxYwHbVrG41a+KKKYXS7lMO/7FlBHR:m1Agj9bg44+SH
TLSH T11271F7CB2363AA1D0A4FC4907596870A36117EC7B0883798D4181772A34BBAEF5D5FEC
Magika shell
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://103.77.241.175/an/an/aelf ua-wget
http://103.77.241.175/most-armca2d87db6526d58c00a5b4d5d6cfd569f5d2f7c1cc1a2c76d5990577b9a7b9fb Miraielf mirai ua-wget
http://103.77.241.175/most-arm5457ac3463c32393c1ca5b86684c1aaa30f883746ca5e42cd5b41d5b0d85fb94e Miraielf mirai ua-wget
http://103.77.241.175/most-arm60c499a0a944b9d28b259e55f4c5c3e5d6eaaeb6105f9b2c7f94b6c44fb93b319 Miraielf mirai ua-wget
http://103.77.241.175/most-arm73698882933571d7fd599291ad8778f5ecfd8015c0cecccbbb2484af69ed5e5f4 Miraielf mirai ua-wget
http://103.77.241.175/most-m68k38027e621a2b5608d47465a785658004d1274354e82a25e735e6bf34d0cabd09 Miraielf mirai ua-wget
http://103.77.241.175/most-mips448d05b73582cdf2e1cd8ca002a9f117b8aa8dee7a839a7643abe77a802f85ad Miraielf mirai ua-wget
http://103.77.241.175/most-mpsle046eae1f9862254c2126c741696f6f3a7ccb1682382e6a4ec43a0b07cd594f3 Miraielf mirai ua-wget
http://103.77.241.175/most-ppce046eae1f9862254c2126c741696f6f3a7ccb1682382e6a4ec43a0b07cd594f3 Miraielf ua-wget
http://103.77.241.175/most-sh445c3040bb3b4d691f36366bce288bc953d13d2174d7ad33e5521d0c6e6695e76 Miraielf mirai ua-wget
http://103.77.241.175/most-spc45c3040bb3b4d691f36366bce288bc953d13d2174d7ad33e5521d0c6e6695e76 Miraielf ua-wget
http://103.77.241.175/most-x8629206f3b73af721c3c74bcbe47763b2177643697a375f6dc5f672eca1054d57a Miraielf mirai ua-wget
http://103.77.241.175/most-x86_6437655e6676ef77fe577eb4ad5ff1562290bec739bef988fc6aeb36f9802a6700 Miraielf mirai ua-wget

Intelligence

File Origin
# of uploads :
1
# of downloads :
114
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Malicious
Score:
94.1%
Link:
https://cyber-fortress.com/docs/result/index.php?id=6801dbf3280f5f89a0d0fe25linux22vpnfull_triage
Tags:
mirai virus
Verdict:
Likely Malicious
Threat level:
  7.5/10
Confidence:
100%
Tags:
busybox
Link:
https://www.filescan.io/uploads/68018b9790767142c3d9d603/reports/3d417677-840f-44d3-8ef4-44b7ac7fcf07/overview
Verdict:
Malicious
Labled as:
Bash.MiraiA.Generic
Link:
https://www.hybrid-analysis.com/sample/7bb8639f32cc58e1a82dcfb63b0fd6b6ecca89d25b496ce934e6b45da7e132e8
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/7bb8639f32cc58e1a82dcfb63b0fd6b6ecca89d25b496ce934e6b45da7e132e8
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/7bb8639f32cc58e1a82dcfb63b0fd6b6ecca89d25b496ce934e6b45da7e132e8/
Threat name:
Script-Shell.Trojan.Vigorf
Create hunting rule
Status:
Malicious
First seen:
2025-04-18 01:36:00 UTC
File Type:
Text (Shell)
AV detection:
10 of 24 (41.67%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=po4ghhzszrmodkbnz63dwd6ww3wmvcoslnewz2ju422f3j7bglua._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/250418-e8f8psvms9/
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/7bb8639f32cc58e1a82dcfb63b0fd6b6ecca89d25b496ce934e6b45da7e132e8

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 7bb8639f32cc58e1a82dcfb63b0fd6b6ecca89d25b496ce934e6b45da7e132e8

(this sample)

Mirai

elf ca2d87db6526d58c00a5b4d5d6cfd569f5d2f7c1cc1a2c76d5990577b9a7b9fb

  
URLhaus
https://urlhaus.abuse.ch/url/3505749/
  
Delivery method
Distributed via web download
  
Dropping
MD5 ac100d58b348c04aa11f58f28736b63d
  
Dropping
SHA256 ca2d87db6526d58c00a5b4d5d6cfd569f5d2f7c1cc1a2c76d5990577b9a7b9fb

Comments