MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c304ed6a5bf8eab03e0b43a3ee90f0af9465a69bdb727152c118c7baea2e99bf. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: c304ed6a5bf8eab03e0b43a3ee90f0af9465a69bdb727152c118c7baea2e99bf
SHA3-384 hash: d7d1c612600f27114120a6a9069dd3f75a9db4307a429595e6700436df56cf99f4612d176d13dcfd9b0b9917904c0e92
SHA1 hash: 8206af4c381bd4b6b819395f733d10c003ec91c0
MD5 hash: af6afcf7e935683e32fdf9f38042395c
humanhash: river-white-fish-fish
File name:w.sh
Download: download sample
Signature Mirai
Create hunting rule
File size:886 bytes
First seen:2025-05-12 13:03:02 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 24:Ncgt67tiNI75t6KgtuitiDtc8tVEt5ytBltRtWatsHR:2gI7h5EL8iYS8kMlndWx
TLSH T130115ECF31A9D6310E4C8D8074AA84186544FFD33054CE4D695D8CB27D88B19B5EAF5C
Magika txt
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://160.250.180.181/arm4e04a964a31053a82b2d741e462e2006a49134d66489f878477c74cc09b04acb Miraielf mirai
http://160.250.180.181/arm52c54c22242916cc4b1454e91eafad0b801f38c65347c9701aa1d31fbdbd71c80 Miraielf mirai
http://160.250.180.181/arm63f9ce52341e8797cb91c859bceb90952124dc1dd7120d7d02139d83d51b771d3 Miraielf mirai
http://160.250.180.181/arm75e8618420a653958bedc03defc55154669acaa8211f508981b01e083d4b3f39b Miraielf mirai
http://160.250.180.181/m68kd0bd5ce3146570c287c3b3e7baddb8858b7fdc92ae733283c8ab48d22c5dff14 Miraielf mirai
http://160.250.180.181/mips925583c4531adab4a36032f3df9beaf389d222e5c0497f1f3bdf56889bd4381e Miraielf mirai
http://160.250.180.181/mpsl38d1a50dc7ded42bd7890c62e504ed1f73be049a1c18afbc51d40ea6ffd9b931 Miraielf mirai
http://160.250.180.181/ppcc7dbd9810355a99bf9d404e950f72221b2bae35055ba245450f598804f957e18 Miraielf mirai
http://160.250.180.181/sh4d91879cd26cd791f8b7e8e2ee5c38420996b5d993b0eadb2145b4b9c3ca5e536 Miraielf mirai
http://160.250.180.181/spcn/an/an/a
http://160.250.180.181/x86bcf217f4088afbb8b5842fe144e7703f2430adfc9fad45a02a1695a51686a1bf Miraielf mirai
http://160.250.180.181/x86_64555a6f3b7264be462ba5ee6d04b9f38954b04a3c265386e440f7052feb24a8a9 Miraielf mirai

Intelligence

File Origin
# of uploads :
1
# of downloads :
79
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Linux.Downloader-32.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
94.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=6821f2924a59e5a2ce03e499linux22vpnfull_triage
Tags:
mirai ddos
Verdict:
Suspicious
Threat level:
  5/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/6821f19a0b64e174c42304f6/reports/ffd11764-68c4-4c68-b94b-3e2228887739/overview
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/c304ed6a5bf8eab03e0b43a3ee90f0af9465a69bdb727152c118c7baea2e99bf
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/c304ed6a5bf8eab03e0b43a3ee90f0af9465a69bdb727152c118c7baea2e99bf/
Threat name:
Script-Shell.Worm.Mirai
Create hunting rule
Status:
Malicious
First seen:
2025-05-12 13:03:25 UTC
File Type:
Text (Shell)
AV detection:
19 of 37 (51.35%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=ymco22s37dvlapqlior65ehqv6kglju33nzhcuwbddd3v2rotg7q._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/250512-qajfyssvev/
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/c304ed6a5bf8eab03e0b43a3ee90f0af9465a69bdb727152c118c7baea2e99bf

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh c304ed6a5bf8eab03e0b43a3ee90f0af9465a69bdb727152c118c7baea2e99bf

(this sample)

Mirai

elf 4e04a964a31053a82b2d741e462e2006a49134d66489f878477c74cc09b04acb

  
URLhaus
https://urlhaus.abuse.ch/url/3541998/
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3541296/
  
Dropping
MD5 c2d17caa6d3b7ffc8773e20256ea1daf
  
Dropping
SHA256 4e04a964a31053a82b2d741e462e2006a49134d66489f878477c74cc09b04acb

Comments