MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8e8ea5c02d336749dcb706a4ddcdb46751e4a064ffbcd9e575528df364bd215f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 8e8ea5c02d336749dcb706a4ddcdb46751e4a064ffbcd9e575528df364bd215f
SHA3-384 hash: 5b74c219de0610dbf27b498c546364d7ba86b1a35961b2ac1628571f907209a924e1e048c09e8204e03f9dcbbed32b1a
SHA1 hash: 853ff8e24f6731317a3191b1e51208b952d89868
MD5 hash: 666afc43cfae3de609570c97580433ca
humanhash: golf-artist-autumn-zebra
File name:massload
Download: download sample
Signature Mirai
Create hunting rule
File size:1'609 bytes
First seen:2025-04-26 14:49:14 UTC
Last seen:2025-04-26 16:23:13 UTC
File type: sh
MIME type:text/plain
ssdeep 48:j+ifJNnABw4RHfWCn1BxZ2k3nBbFnXuYhqJ:yihNABw4RHuC1BdFnXucqJ
TLSH T1E731A598BE92DFE26F4ADF48F033D646F043DA9320908B156CA91079CCBDD482435E4B
Magika shell
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://62.60.232.26/mips75d23e5b4962e274ea70858ceaf99e2ed221f064a76db13e36e0ea6a148cbe4a Miraicensys elf mirai ua-wget
http://62.60.232.26/mpsl44e90309c2c81241972ca9165f45c2216c39ce19ebc61046ee32cd6a581442e4 Miraicensys elf mirai ua-wget
http://62.60.232.26/arm4bbab0ec65b20410697236c7c408aeffe2cb61dde61cef633c8f77e50440a56be Miraicensys elf mirai ua-wget
http://62.60.232.26/arm5d4e1ad57d13ec2d8a908dc7cad39cc2cbe1e8c5f852e6d10e9ccdb20e98e1183 Miraicensys elf mirai ua-wget
http://62.60.232.26/arm7694a293cbe11bae17ae38512fa5aa78e7300fce10966c5c89e3e64daabda3672 Miraicensys elf mirai ua-wget
http://62.60.232.26/ppc7c6e99f2ec8b7baaccc7dacc5bfa6c8a93085a3374bea1e74dc41e58b2fc6b75 Miraicensys elf mirai ua-wget
http://62.60.232.26/sh43ef58015ea244b1a45e26b222b3aaa1f05441270e1c73f61f73712331221e0de Miraicensys elf mirai ua-wget
ftp://2.60.232.26:8021/mipsn/an/an/a
ftp://2.60.232.26:8021/mpsln/an/an/a
ftp://2.60.232.26:8021/arm4n/an/an/a
ftp://2.60.232.26:8021/arm5n/an/an/a
ftp://2.60.232.26:8021/arm7n/an/an/a

Intelligence

File Origin
# of uploads :
2
# of downloads :
63
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Malicious
Score:
97.4%
Link:
https://cyber-fortress.com/docs/result/index.php?id=680ddb44cc5fb3600cc329c4linux22vpnfull_triage
Tags:
trojan mirai agent virus
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/680cf2a8212716475faf4540/reports/733b2aa8-0196-4bfc-8346-daf8dc4f21ed/overview
Verdict:
Malicious
Labled as:
Bash.MiraiA.Generic
Link:
https://www.hybrid-analysis.com/sample/8e8ea5c02d336749dcb706a4ddcdb46751e4a064ffbcd9e575528df364bd215f
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/8e8ea5c02d336749dcb706a4ddcdb46751e4a064ffbcd9e575528df364bd215f
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/8e8ea5c02d336749dcb706a4ddcdb46751e4a064ffbcd9e575528df364bd215f/
Threat name:
Script-Shell.Worm.Mirai
Create hunting rule
Status:
Malicious
First seen:
2025-04-26 15:46:19 UTC
AV detection:
9 of 24 (37.50%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=r2hklqbngntutxfxa2sn3tnum5i6jide766ntzlvkkg7gzf5efpq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/8e8ea5c02d336749dcb706a4ddcdb46751e4a064ffbcd9e575528df364bd215f

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 8e8ea5c02d336749dcb706a4ddcdb46751e4a064ffbcd9e575528df364bd215f

(this sample)

Mirai

elf 75d23e5b4962e274ea70858ceaf99e2ed221f064a76db13e36e0ea6a148cbe4a

  
URLhaus
https://urlhaus.abuse.ch/url/3526666/
  
Delivery method
Distributed via web download
  
Dropping
MD5 847887b7741d05145fddef1165b04f4f
  
Dropping
SHA256 75d23e5b4962e274ea70858ceaf99e2ed221f064a76db13e36e0ea6a148cbe4a

Comments