MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b55f41e2772063529f45c0769f0937efd1ec54986731f03bb8b9b752fcbfea1b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 7



SHA256 hash: b55f41e2772063529f45c0769f0937efd1ec54986731f03bb8b9b752fcbfea1b
SHA3-384 hash: a0dddb0a95ff5d7474d6322efefcf17fe45ef64a9f9ad192049d03265443f0f24f41e2ba5a8a81095c3d7f9de7ab2cd4
SHA1 hash: 9e7bf2b7e078c9091307aea5c99e97973f21b213
MD5 hash: 2c7d3c7a1581b4c765b08cce8d143cfd
humanhash: dakota-carpet-juliet-green
File name: and
Signature: Mirai
File size: 3'478 bytes
First seen: 2025-04-16 23:38:03 UTC
Last seen: Never
File type: sh
MIME type: text/plain
ssdeep: 48:N08fu1AVipxhSI42EN41a5KpKjGH74LOQ7YcBHN:o1AVUv4N445qe
TLSH: T19F7107CB1363651D8A4F84937792860936507EE6F0983E48F49813B19347AAEB9D4FEC
Magika: shell
Reporter: abuse_ch
Tags: mirai sh
URL    Malware sample (SHA256 hash)    Signature    Tags

Intelligence


File Origin
# of uploads: 1
# of downloads: 85
Origin country: DE
Vendor Threat Intelligence
Verdict: Likely Malicious
Threat level: 7.5/10
Confidence: 100%
Tags: busybox
Threat name: Script-Shell.Trojan.Vigorf
Status: Malicious
First seen: 2025-04-17 01:42:00 UTC
File Type: Text (Shell)
AV detection: 12 of 38 (31.58%)
Threat level: 5/5
Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour:
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh b55f41e2772063529f45c0769f0937efd1ec54986731f03bb8b9b752fcbfea1b

(this sample)

  
Delivery method: Distributed via web download
