MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 bd1d6736f50b135c4b54b86bfdc143258c1bdfcf11fb533f603e4c2ac4907c64. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 6



SHA256 hash: bd1d6736f50b135c4b54b86bfdc143258c1bdfcf11fb533f603e4c2ac4907c64
SHA3-384 hash: e25af20adf9ee0cbb10205466243387418666ca1a2fe391c0c802632a6d4f17ac1117d8b51ee8b1b71e5b71a00fc1dbe
SHA1 hash: c8bfc69f6ac95ece83301d24a8227dbbbbf5b254
MD5 hash: 4b10f7ae97de7d5dc8aedeba1af0a2f2
humanhash: equal-music-alabama-lactose
File name: gpon
Signature: Mirai
File size: 156 bytes
First seen: 2025-12-05 18:21:49 UTC
Last seen: Never
File type: sh
MIME type: text/plain
ssdeep: 3:LxAjtyg/w8NBzSa+ANja4jzgxAjtyg/pONBzSa5Ap9Lv:LA5/wkPjtzgA5/MyR
TLSH: T106C04CBD102B62D5C510AE156066385DB373CFDBA1F19F0A96C87433F58D531B222E58
Magika: shell
Reporter: abuse_ch
Tags: sh
URL: http://213.209.143.64/splmips
Malware sample (SHA256 hash): 633397cf2ca1b26757c7f32fe2e980ea66f783becff9455e11ded00b20032417
Signature: Mirai
Tags: elf mirai ua-wget

URL: http://213.209.143.64/splmpsl
Malware sample (SHA256 hash): 61d0e0c8b1e9fdf341c8bbaacc50fe6cc5c5f73d4b7cb0f80808e6fedbf70d3c
Signature: Mirai
Tags: elf mirai ua-wget

Intelligence


File Origin
# of uploads: 1
# of downloads: 21
Origin country: DE
Vendor Threat Intelligence
No detections
Verdict: Malicious
Threat level: 10/10
Confidence: 100%
Tags: mirai

Verdict: Malicious
File Type: text
First seen: 2025-12-05T16:50:00Z UTC
Last seen: 2025-12-07T12:30:00Z UTC
Hits: ~10
Threat name: Script-Shell.Downloader.Heuristic

Status: Malicious
First seen: 2025-12-05 18:32:34 UTC
File Type: Text (Shell)
AV detection: 3 of 24 (12.50%)
Threat level: 2/5

Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour:
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh bd1d6736f50b135c4b54b86bfdc143258c1bdfcf11fb533f603e4c2ac4907c64

(this sample)

  
Delivery method: Distributed via web download
