MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8342daba53b6fa10254be2ad534de9ec180677fb348665c8fd5c74c492938b67. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 8342daba53b6fa10254be2ad534de9ec180677fb348665c8fd5c74c492938b67
SHA3-384 hash: 562e80d5753007c680395aa7bc59061b39611b9ddaf13de41114f15af6c49a58968d798fe8b336461cc857c5a34cbd92
SHA1 hash: 5941b041e77929436ff4c95ae7b8609139254bdd
MD5 hash: 9b0a360a7b22dadab045a7c650c0811a
humanhash: pennsylvania-edward-mississippi-yankee
File name:uwu
Download: download sample
Signature Mirai
Create hunting rule
File size:367 bytes
First seen:2025-11-28 18:34:15 UTC
Last seen:Never
File type: sh
MIME type:text/x-shellscript
ssdeep 6:h7He2YryMpiDNmlYGRmaVXm5EOWiD6YpzVHznnDuPC3YWaeGBgv:sOMMpxGxlrinHznnCbWVGev
TLSH T1C0E092FD082274099C98C97670BB2291B08C8B03EC7ECF0DA4890CFDC8C8A437035ACA
TrID 70.0% (.SH) Linux/UNIX shell script (7000/1)
30.0% (.) Unix-like shebang (var.3) (gen) (3000/1)
Magika shell
Reporter abuse_ch
Tags:mirai sh
URLMalware sample (SHA256 hash)SignatureTags
http://185.241.208.197/xd/bips6a1f3f2805f56b4e7fcf6e8c15542754442b33af9451ff300d446a24b5289e4b Gafgytelf gafgyt geofenced ua-wget USA
http://185.241.208.197/xd/cameraSpy869c88187b896637f0b284f34b5bacc456d84127c7755f1c5b626ebc2372187c Miraielf mirai ua-wget
http://185.241.208.197/xd/dropbear9e092f88fc7871f4417fa24b682919c2e6e8fd807edad4a8cd8da656b522da23 Miraielf mirai ua-wget
http://185.241.208.197/xd/sshd3364bdb131f8fa1da1a4c910ae7605bcdd6cc57d780d11432f0010008948ebc1 Miraielf mirai ua-wget

Intelligence

File Origin
# of uploads :
1
# of downloads :
22
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Linux.Downloader-35.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Labled as:
Trojan[Downloader]/Shell.Agent
Link:
https://www.hybrid-analysis.com/sample/8342daba53b6fa10254be2ad534de9ec180677fb348665c8fd5c74c492938b67
Verdict:
Malicious
File Type:
unix shell
First seen:
2025-11-28T15:47:00Z UTC
Last seen:
2025-11-29T07:29:00Z UTC
Hits:
~10
Detections:
HEUR:Trojan-Downloader.Shell.Agent.p HEUR:Trojan-Downloader.Shell.Agent.a
Link:
https://opentip.kaspersky.com/8342daba53b6fa10254be2ad534de9ec180677fb348665c8fd5c74c492938b67/results?tab=lookup
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/8342daba53b6fa10254be2ad534de9ec180677fb348665c8fd5c74c492938b67
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/8342daba53b6fa10254be2ad534de9ec180677fb348665c8fd5c74c492938b67/
Verdict:
Malicious
Threat:
Trojan-Downloader.Shell.Agent
Link:
https://tip.neiki.dev/file/8342daba53b6fa10254be2ad534de9ec180677fb348665c8fd5c74c492938b67
Threat name:
Win32.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2025-11-28 18:19:54 UTC
File Type:
Text (Shell)
AV detection:
8 of 36 (22.22%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=qnbnvostw35bajkl4kwvgtpj5qmam573gsdglsh5lr2mjeutrntq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Suspicious File
Score:
0.31
Link:
https://yomi.yoroi.company/submissions/8342daba53b6fa10254be2ad534de9ec180677fb348665c8fd5c74c492938b67

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 8342daba53b6fa10254be2ad534de9ec180677fb348665c8fd5c74c492938b67

(this sample)

Gafgyt

elf 6a1f3f2805f56b4e7fcf6e8c15542754442b33af9451ff300d446a24b5289e4b

  
URLhaus
https://urlhaus.abuse.ch/url/3718805/
  
Delivery method
Distributed via web download
  
Dropping
MD5 e9a9eaee0b6e4e64ad85ba9cdb874432
  
Dropping
SHA256 6a1f3f2805f56b4e7fcf6e8c15542754442b33af9451ff300d446a24b5289e4b

Comments