MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8f2b35bf4bf8a73f371e970cbd8491ba1ff1c69a4c2a47903906f2dcb94f1484. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 8f2b35bf4bf8a73f371e970cbd8491ba1ff1c69a4c2a47903906f2dcb94f1484
SHA3-384 hash: 0147af0dcaba6883b37452ca5f7d9f713bf12d5d73d27784a3f25636c57edd7ba8140373ecbbf6c3981ad1d6f3c0811e
SHA1 hash: 66d2faa989cd2e1b76da75ee3d79acf4d73b00eb
MD5 hash: ffda582644fd70624d7a936ec9b6b1f8
humanhash: angel-nuts-alaska-lemon
File name:w.sh
Download: download sample
Signature Mirai
Create hunting rule
File size:874 bytes
First seen:2025-05-11 16:57:16 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 24:kKagEK6L7EKoNI75EKoKgEKIiEK8DEK+8EK7EEKutBlEKTEKSzaEKS9HR:kKagEK87EKt5EKoLEKIiEKEEK+8EKAEK
TLSH T10C115ACE23A496954F4C8D4870AA8C9866488BD1B860DF4D6C4C98F27988E197159F7F
Magika txt
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://161.248.238.64/arm2f00e4fb95309d91ab81dc08851ccfd6680ef23469986904a31749c6d78e8559 Miraielf mirai
http://161.248.238.64/arm557aee870589a2560b3674f6038b69b19e6653d96cb97ed06291ca361868f3ef5 Miraielf mirai
http://161.248.238.64/arm69f53039e036b76911846e9da33ee5239f7123a6e7a845854e385a45532611354 Miraielf mirai
http://161.248.238.64/arm787a4f596f7843ab69e4cc37fcdbeb6f049adb36d90f3f8cef361897bca47ba58 Miraielf mirai
http://161.248.238.64/m68k08d599c98659bbf14d79de79202561ec33c2d39927461c796633949ba4c34d10 Miraielf mirai
http://161.248.238.64/mips46229e24b48ba7c1f238b66acb508be355544a303a93a3348adc8b80d819af59 Miraielf mirai
http://161.248.238.64/mpsl757e960e32d068988534c366cc408939e22e9081e657ccff7780aba90dc21649 Miraielf mirai
http://161.248.238.64/ppcafb123ebe8623dc644deceb092f170a3e4689a94f97323e94c2fbe28613ece9a Miraielf mirai
http://161.248.238.64/sh4a69dcd95a865f1af32e87bd70e4cf237a0ca249f0296fda1d407c5af690f7c5d Miraielf mirai
http://161.248.238.64/spcn/an/an/a
http://161.248.238.64/x86b099b8efafeef0b5d17747c9b2ab8813b40fa89b3d7db63d04fc253c7b7027b0 Miraielf mirai
http://161.248.238.64/x86_6437166e1ed7557cb7dbc2521f38f0e2f6e818f3025e4803cbb7503f591a84ad2f Miraielf mirai

Intelligence

File Origin
# of uploads :
1
# of downloads :
108
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Linux.Downloader-32.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
96.5%
Link:
https://cyber-fortress.com/docs/result/index.php?id=6820d7e74a59e5a2ce03af95linux22vpnfull_triage
Tags:
mirai ddos
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/6820d721c7418694c8a8b1f2/reports/a303bdd2-e6aa-4add-8c6c-9131631893c7/overview
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/8f2b35bf4bf8a73f371e970cbd8491ba1ff1c69a4c2a47903906f2dcb94f1484
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/8f2b35bf4bf8a73f371e970cbd8491ba1ff1c69a4c2a47903906f2dcb94f1484/
Threat name:
Script-Shell.Worm.Mirai
Create hunting rule
Status:
Malicious
First seen:
2025-05-11 16:58:11 UTC
File Type:
Text (Shell)
AV detection:
15 of 24 (62.50%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=r4vtlp2l7ctt6ny6s4gl3berxip7dru2jqvepebza3znzokpcsca._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/250511-vgt89asky7/
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/8f2b35bf4bf8a73f371e970cbd8491ba1ff1c69a4c2a47903906f2dcb94f1484

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 8f2b35bf4bf8a73f371e970cbd8491ba1ff1c69a4c2a47903906f2dcb94f1484

(this sample)

Mirai

elf 2f00e4fb95309d91ab81dc08851ccfd6680ef23469986904a31749c6d78e8559

  
URLhaus
https://urlhaus.abuse.ch/url/3541289/
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3541296/
  
Dropping
MD5 cf611ee4346de1b7605e075a6438a661
  
Dropping
SHA256 2f00e4fb95309d91ab81dc08851ccfd6680ef23469986904a31749c6d78e8559

Comments