MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c363aa49aaed08c8dad4f90d41222cc892dcde1d98fb4b7ba0151a4af885d736. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: c363aa49aaed08c8dad4f90d41222cc892dcde1d98fb4b7ba0151a4af885d736
SHA3-384 hash: f8b54ce657d6bfd1e2ebd6a960c63b37ff7b8ee38f11da89fac136a81eaa66d51f51188a2e005f6e944702d31ae1dabe
SHA1 hash: 79967b7f645ff0d701b6d829a51d7e5396232e93
MD5 hash: 1a1703d229ab16d08e5f835996833192
humanhash: shade-louisiana-thirteen-lima
File name:wr
Download: download sample
Signature Mirai
Create hunting rule
File size:226 bytes
First seen:2025-11-28 18:06:33 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 3:L+iMITLGL68aGBzSEyLTUW2eHU0DiMITLGLjONBzSE8eUo9eHBSDiMITLGLFIQgy:LuI8pNIh00DBI8jONZ8EDBI8Fidna
TLSH T137D0A79B355032458AC4DF02E56BAB2D3243C3CE94640BC878CD3032CDAC2187025F03
Magika txt
Reporter abuse_ch
Tags:mirai sh
URLMalware sample (SHA256 hash)SignatureTags
http://103.146.23.141/mips8940a2d83740ea74154a6ede90488eb87e10ca22f092597e9c27f00ae380f8cb Miraielf geofenced mips mirai ua-wget USA
http://103.146.23.141/mpsl5add3655c138947e54f6e93f583e7704a9a33ea87a1c76eb5322358d9d6d992e Miraielf geofenced mips mirai ua-wget USA
http://103.146.23.141/arm55b94659fba807f800bca96cbf40d6be1da4306e21b0f6f2579c41f70585690e9 Miraiarm elf geofenced mirai ua-wget USA

Intelligence

File Origin
# of uploads :
1
# of downloads :
31
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Detection(s):
SecuriteInfo.com.Linux.Downloader-35.UNOFFICIAL
Create hunting rule

Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/c363aa49aaed08c8dad4f90d41222cc892dcde1d98fb4b7ba0151a4af885d736
Verdict:
Malicious
File Type:
text
First seen:
2025-11-28T15:39:00Z UTC
Last seen:
2025-11-29T01:16:00Z UTC
Hits:
~10
Detections:
HEUR:Trojan-Downloader.Shell.Agent.p HEUR:Trojan-Downloader.Shell.Agent.a
Link:
https://opentip.kaspersky.com/c363aa49aaed08c8dad4f90d41222cc892dcde1d98fb4b7ba0151a4af885d736/results?tab=lookup
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/c363aa49aaed08c8dad4f90d41222cc892dcde1d98fb4b7ba0151a4af885d736
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/c363aa49aaed08c8dad4f90d41222cc892dcde1d98fb4b7ba0151a4af885d736/
Verdict:
Malicious
Threat:
Trojan-Downloader.Shell.Agent
Link:
https://tip.neiki.dev/file/c363aa49aaed08c8dad4f90d41222cc892dcde1d98fb4b7ba0151a4af885d736
Threat name:
Linux.Worm.Mirai
Create hunting rule
Status:
Malicious
First seen:
2025-11-28 17:43:59 UTC
File Type:
Text (Shell)
AV detection:
13 of 38 (34.21%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=ynr2usnk5uemrwwu7egucirmzcjnzxq5td5uw65acunev6ef243a._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/c363aa49aaed08c8dad4f90d41222cc892dcde1d98fb4b7ba0151a4af885d736

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh c363aa49aaed08c8dad4f90d41222cc892dcde1d98fb4b7ba0151a4af885d736

(this sample)

Mirai

elf 8940a2d83740ea74154a6ede90488eb87e10ca22f092597e9c27f00ae380f8cb

  
URLhaus
https://urlhaus.abuse.ch/url/3718766/
  
Delivery method
Distributed via web download
  
Dropping
MD5 526fae8371c976de947c8cbe86c7a0e7
  
Dropping
SHA256 8940a2d83740ea74154a6ede90488eb87e10ca22f092597e9c27f00ae380f8cb

Comments