MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 822534848bc3fddd6d5b08eed6f39dce53b9f9c7ab94ad57c520cccea60ea973. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 822534848bc3fddd6d5b08eed6f39dce53b9f9c7ab94ad57c520cccea60ea973
SHA3-384 hash: 87dadc290a16e7a20f87247f52aa7563a828b1da82c2ed70167b1d2b663aec386ab9616c7552ffaaf85004a4f768e7b6
SHA1 hash: 327369493c4dbcda9db625945812644acab5ddee
MD5 hash: 3f90788ae911f75433cc9aa130bc6eeb
humanhash: magazine-oranges-bakerloo-muppet
File name:uwu
Download: download sample
Signature Mirai
Create hunting rule
File size:367 bytes
First seen:2025-11-28 18:36:43 UTC
Last seen:Never
File type: sh
MIME type:text/x-shellscript
ssdeep 6:h7He5qxnQyMpiDNmAqxnGOmaVXm5EOWiDVqxnc7zVHznnDuPCWqxnETeGBgv:Sq5MMp7qAmlriJqGVznnCFqRGev
TLSH T11DE092F9001730650EE4C93DB03B640070504F275E708E0A28852CF5C6D8583B036E85
TrID 70.0% (.SH) Linux/UNIX shell script (7000/1)
30.0% (.) Unix-like shebang (var.3) (gen) (3000/1)
Magika shell
Reporter abuse_ch
Tags:mirai sh
URLMalware sample (SHA256 hash)SignatureTags
http://213.232.112.221/xd/bipsad38d1ea2dfb6b37002c01f443a0774b7d4c229a40acc99681dd96535248396c Miraimirai
http://213.232.112.221/xd/cameraSpy9a1007f0bfd6e5f41b1d20d8e18266b64987e45e36cb28cfe157ad74d9729201 Miraimirai
http://213.232.112.221/xd/dropbear50630e366f508bf9259f0216aa4eb568a5bee5f6124a48b360a057c038c24e86 Miraimirai
http://213.232.112.221/xd/sshd2280dc465356dbae199d9bffe33b45676283eb5ab0f39a9e9a23a72359f74750 Mirai32-bit elf mirai SSHDoor

Intelligence

File Origin
# of uploads :
1
# of downloads :
25
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Linux.Downloader-35.UNOFFICIAL
Create hunting rule

Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/822534848bc3fddd6d5b08eed6f39dce53b9f9c7ab94ad57c520cccea60ea973
Verdict:
Malicious
File Type:
unix shell
First seen:
2025-11-28T15:47:00Z UTC
Last seen:
2025-11-28T16:12:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/822534848bc3fddd6d5b08eed6f39dce53b9f9c7ab94ad57c520cccea60ea973/results?tab=lookup
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/822534848bc3fddd6d5b08eed6f39dce53b9f9c7ab94ad57c520cccea60ea973
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/822534848bc3fddd6d5b08eed6f39dce53b9f9c7ab94ad57c520cccea60ea973/
Threat name:
Win32.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2025-11-28 19:10:27 UTC
File Type:
Text (Shell)
AV detection:
8 of 36 (22.22%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=qistjbelyp6523k3bdxnn445zzj3t6ohvokk2v6fedgm5jqovfzq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Suspicious File
Score:
0.31
Link:
https://yomi.yoroi.company/submissions/822534848bc3fddd6d5b08eed6f39dce53b9f9c7ab94ad57c520cccea60ea973

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 822534848bc3fddd6d5b08eed6f39dce53b9f9c7ab94ad57c520cccea60ea973

(this sample)

Mirai

elf 2280dc465356dbae199d9bffe33b45676283eb5ab0f39a9e9a23a72359f74750

  
URLhaus
https://urlhaus.abuse.ch/url/3718811/
  
Delivery method
Distributed via web download
  
Dropping
MD5 728f826c303427a9a50de6cd1898080f
  
Dropping
SHA256 2280dc465356dbae199d9bffe33b45676283eb5ab0f39a9e9a23a72359f74750

Comments