MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b3362f2b9ebfe362ac698abaf0cefdb4f201ed32c41831cbf7fa0f3c6d70cf93. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: b3362f2b9ebfe362ac698abaf0cefdb4f201ed32c41831cbf7fa0f3c6d70cf93
SHA3-384 hash: 57fdfd8990a35af006a09086914387388c021f0b8e604718bd5e8cef13b5f29dccf17d37320e83f7a5213e8790011f6a
SHA1 hash: 8771418e2175c49c4c54b4eb19e4b1ec76d1fc18
MD5 hash: 6d7077a22f77dd6f2b38fb0c640b363d
humanhash: carolina-mango-artist-magazine
File name:swget.sh
Download: download sample
Signature Mirai
Create hunting rule
File size:882 bytes
First seen:2025-08-01 12:40:05 UTC
Last seen:2025-08-02 10:42:46 UTC
File type: sh
MIME type:text/plain
ssdeep 12:XGROcqLZO/6gqt/gqa/fqKq/GqkO/5XfB6pMS7R8:XGpGU/m/a/Fq/KO/hfof2
TLSH T191113ACB5A51B08580BD8E74B23BC8D5B01192D478EB23D6EC85493EC2C8A12F129FA7
Magika shell
Reporter abuse_ch
Tags:mirai sh
URLMalware sample (SHA256 hash)SignatureTags
http://66.63.187.141/x86c8cd283b2c877dd54bb88007adf05c50549d1cb6ca6b6fedbe6d225e8683288b Mirai32-bit elf gafgyt mirai Mozi
http://66.63.187.141/mips7124a65bf24f9edba23f44feeace7c17c40c84a3977c2220d6742e188928612e Mirai32-bit elf gafgyt mirai Mozi
http://66.63.187.141/mpsl2d1cf20f3c60d797308489012c7552b1db022dfbfcf8bb1c71fe360290f597f2 Miraielf mirai ua-wget
http://66.63.187.141/armc7ce30048cff8cd281aae097b739ac1ec446aaa0eb48a746a6f03420e4b28076 Gafgyt32-bit elf gafgyt Mozi
http://66.63.187.141/arm52153f7f0232ac7e9fb23ee4c50aabb18c7f32ff2653f213796fb55b3229aabf4 Miraielf gafgyt mirai ua-wget
http://66.63.187.141/arm66062592a30f707d9cc1d5ba80dd76140736d28829df170f53a710bf182b83ce9 Miraielf mirai ua-wget
http://66.63.187.141/arm78caac9e05312ee38e05a89b23e920a5901c4c88736db0b345e5184dbef7ce50b Miraielf mirai ua-wget
http://66.63.187.141/ppcd767a593cb2972e5723c48de6fca9381904325f4abc2f2ef2fd3cfe16bfc3f53 Miraielf mirai ua-wget
http://66.63.187.141/m68k6c40414fd73464b551868bd5f995011bee86ae6c28fb12243451c60f10364022 Miraielf mirai ua-wget
http://66.63.187.141/sh45df71bf1f1a1ebf98c9577001b5993daf3485bb73a9a444dadd0ba9c1ad07f00 Miraielf mirai ua-wget

Intelligence

File Origin
# of uploads :
2
# of downloads :
33
Origin country :
DE DE
Vendor Threat Intelligence
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/b3362f2b9ebfe362ac698abaf0cefdb4f201ed32c41831cbf7fa0f3c6d70cf93
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/b3362f2b9ebfe362ac698abaf0cefdb4f201ed32c41831cbf7fa0f3c6d70cf93/
Verdict:
Malicious
Threat:
HEUR:Trojan-Downloader.Shell.Agent
Link:
https://tip.neiki.dev/file/b3362f2b9ebfe362ac698abaf0cefdb4f201ed32c41831cbf7fa0f3c6d70cf93
Threat name:
Linux.Worm.Mirai
Create hunting rule
Status:
Malicious
First seen:
2025-08-01 12:32:01 UTC
File Type:
Text (Shell)
AV detection:
17 of 38 (44.74%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=wm3c6k46x7rwfldjrk5pbtx5wtzad3jsyqmdds7x7ihty3lqz6jq._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/250801-pwjheazqw8/
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/b3362f2b9ebfe362ac698abaf0cefdb4f201ed32c41831cbf7fa0f3c6d70cf93

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh b3362f2b9ebfe362ac698abaf0cefdb4f201ed32c41831cbf7fa0f3c6d70cf93

(this sample)

Mirai

elf c084a5cfd0aeb8dc7ac9a28d114f61740057751c5d20bcb5a486d7b1be80e5dd

  
URLhaus
https://urlhaus.abuse.ch/url/3594263/
  
Delivery method
Distributed via web download
  
Dropping
MD5 d7f2b0fa2a20fca0727ed23772b8c081
  
Dropping
SHA256 c084a5cfd0aeb8dc7ac9a28d114f61740057751c5d20bcb5a486d7b1be80e5dd

Comments