MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c7e40b2661aa777be8db078b1aaa94029c9638a291be2cad44cbb3b1a3e07344. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 6



SHA256 hash: c7e40b2661aa777be8db078b1aaa94029c9638a291be2cad44cbb3b1a3e07344
SHA3-384 hash: ad329d1599af1ccc91cca479fb928544b819c98bcd1efd28baf241856ed195fa0099d327cc63e7dee3ea2440e11e74d4
SHA1 hash: 118b97a217349959a04eb26e3e807d09167b05da
MD5 hash: 900069d3b39014aabcf327e1a717d40e
humanhash: sixteen-network-emma-wolfram
File name: w.sh
Signature: Mirai
File size: 575 bytes
First seen: 2025-12-06 17:50:59 UTC
Last seen: Never
File type: sh
MIME type: text/plain
ssdeep 12:6mxq+hURH+h1NIjlTBA+hmiKl2E+hQdKA+hB9q+hp0q+hHh7IAUn:6mxhUw1NIp1bKlW33BjqHmn
TLSH T193F0AF8D0223682602588E0A3429D502D74BF3C0BBB12F4EEE1671AE6CD460B701DFCB
Magika: shell
Reporter: abuse_ch
Tags: sh

Intelligence


File Origin
# of uploads: 1
# of downloads: 28
Origin country: DE
Vendor Threat Intelligence
No detections
Verdict: Likely Malicious
Threat level: 7.5/10
Confidence: 100%
Tags: mirai
Verdict: Malicious
File Type: text
First seen: 2025-12-06T15:58:00Z UTC
Last seen: 2025-12-07T01:20:00Z UTC
Hits: ~10
Threat name: Document-HTML.Downloader.Heuristic
Status: Malicious
First seen: 2025-12-06 17:51:24 UTC
File Type: Text (Shell)
AV detection: 8 of 24 (33.33%)
Threat level: 2/5
Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh c7e40b2661aa777be8db078b1aaa94029c9638a291be2cad44cbb3b1a3e07344

(this sample)

  
Delivery method
Distributed via web download
