MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 82d5f1b0b96907494a793d1cd838b2ea1b8fc7f7e758ae56bcc75d89ed6f3e97. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 82d5f1b0b96907494a793d1cd838b2ea1b8fc7f7e758ae56bcc75d89ed6f3e97
SHA3-384 hash: e0706d0a2ea6952492b2227bd286873014ec276b3069bae30e9eef1390997c9089403b104beded416d5cec430c503249
SHA1 hash: a540ec9917e63a178aa44b3f3570a54ff8c88135
MD5 hash: 52f6ef322dd61383cc5f03bba971ecc1
humanhash: mexico-oxygen-twenty-mars
File name:sa.sh
Download: download sample
Signature Mirai
Create hunting rule
File size:438 bytes
First seen:2024-12-29 04:06:10 UTC
Last seen:Never
File type: sh
MIME type:text/x-shellscript
ssdeep 6:ONMhHXFrJMp8g77lQDyqrdNCCNnNC8AvSv5602CKVsYK/Z+56VzXKoa3VFsdqHeM:TH3Mp8gPqhqSh60d/Z+5YJsEY+M
TLSH T1EFF05C05A4703C702E48C56A5C7504D8BB8C41A759678CD2304F96207F98210A597697
Magika shell
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://81.28.10.96/xmrigb0e1ae6d73d656b203514f498b59cbcf29f067edf6fbd3803a3de7d21960848d Miraimirai

Intelligence

File Origin
# of uploads :
1
# of downloads :
110
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=6770cae775fb913a1479050elinux22vpnfull_triage
Tags:
malware
Verdict:
Likely Malicious
Threat level:
  7.5/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/6770cae6a561e5a2873b634c/reports/a158122d-0be0-40c4-8ff2-fd0654dd0e71/overview
Result
Verdict:
UNKNOWN
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/82d5f1b0b96907494a793d1cd838b2ea1b8fc7f7e758ae56bcc75d89ed6f3e97
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/82d5f1b0b96907494a793d1cd838b2ea1b8fc7f7e758ae56bcc75d89ed6f3e97/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=qlk7dmfznedusstzhuonqofs5iny7r7x45mk4vv4y5oyt3lph2lq._file
Result
Malware family:
xmrig_linux
Create hunting rule
Score:
  10/10
Tags:
family:xmrig family:xmrig_linux antivm defense_evasion discovery linux miner
Link:
https://tria.ge/reports/241229-epmldaskby/
Behaviour
Enumerates kernel/hardware configuration
Reads runtime system information
Writes file to tmp directory
Checks CPU configuration
Reads CPU attributes
Checks hardware identifiers (DMI)
Enumerates running processes
Reads hardware information
File and Directory Permissions Modification
Executes dropped EXE
XMRig Miner payload
Xmrig family
Xmrig_linux family
xmrig
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/82d5f1b0b96907494a793d1cd838b2ea1b8fc7f7e758ae56bcc75d89ed6f3e97

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 82d5f1b0b96907494a793d1cd838b2ea1b8fc7f7e758ae56bcc75d89ed6f3e97

(this sample)

Mirai

elf b0e1ae6d73d656b203514f498b59cbcf29f067edf6fbd3803a3de7d21960848d

  
URLhaus
https://urlhaus.abuse.ch/url/3380305/
  
Delivery method
Distributed via web download
  
Dropping
MD5 8f4fff0ded94f1141768220906abfbb8
  
Dropping
SHA256 b0e1ae6d73d656b203514f498b59cbcf29f067edf6fbd3803a3de7d21960848d

Comments