MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a7350bfe41f2070df9e29d688f45212aa39bc578ca858d06fa6bb548736c313f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 9


Intelligence 9 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: a7350bfe41f2070df9e29d688f45212aa39bc578ca858d06fa6bb548736c313f
SHA3-384 hash: 991890013bbb742a9e79a79a148afd1ba5ea660135231e800f58d7645c8115d67e43f5464b61fd9475b3bee880342178
SHA1 hash: b23bd9dfcd20ec5dbdb218db7008d0967136e69e
MD5 hash: fc1516a841f57e97184e41dbe5b725c5
humanhash: thirteen-dakota-failed-louisiana
File name:weed
Download: download sample
Signature Mirai
Create hunting rule
File size:4'574 bytes
First seen:2024-10-23 10:50:52 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 48:1tLUvBLUzmLUQRdLUpGLU7YqLUaDLUpOpazrbDtwzX5gvNgzUgQRhgp0g7YggaH7:1xENFLrFcVOw5EJZzXRghyNRVujQWTFv
TLSH T1149167AD3A138BB20D92DF1AF361C165A053E0D94498CF1A74AD70BCF9BED4E9130987
Magika shell
Reporter abuse_ch
Tags:mirai sh

Intelligence

File Origin
# of uploads :
1
# of downloads :
83
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
Sanesecurity.Malware.30790.LX.BOT.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
70%
Link:
https://cyber-fortress.com/docs/result/index.php?id=6718fb525a02f8393c73571f
Tags:
Infosteal
Verdict:
Suspicious
Threat level:
  5/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/6718d5197184660038540dcb/reports/438fd2c1-cfbf-4397-ac5d-5a35b82beed4/overview
Verdict:
Malicious
Labled as:
Linux.Medusa.C.Generic
Link:
https://www.hybrid-analysis.com/sample/a7350bfe41f2070df9e29d688f45212aa39bc578ca858d06fa6bb548736c313f
Result
Verdict:
MALICIOUS
Score:
63%
Verdict:
Susipicious
File Type:
SCRIPT
Link:
https://malprob.io/report/a7350bfe41f2070df9e29d688f45212aa39bc578ca858d06fa6bb548736c313f
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/a7350bfe41f2070df9e29d688f45212aa39bc578ca858d06fa6bb548736c313f/
Threat name:
Linux.Downloader.Medusa
Create hunting rule
Status:
Malicious
First seen:
2024-10-23 11:23:04 UTC
File Type:
Text (Shell)
AV detection:
12 of 24 (50.00%)
Threat level:
  3/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=u42qx7sb6idq36pctvui6rjbfkrzxrlyzkcy2bx2no2uq43mge7q._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
discovery
Link:
https://tria.ge/reports/241023-qsc2wssena/
Behaviour
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/a7350bfe41f2070df9e29d688f45212aa39bc578ca858d06fa6bb548736c313f

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh a7350bfe41f2070df9e29d688f45212aa39bc578ca858d06fa6bb548736c313f

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3249951/
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3249952/
  
URLhaus
https://urlhaus.abuse.ch/url/3249953/

Comments