MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 cbe7eb00b454a9ed7cd70707ed863887016ec3aae4e039acd6fbefab0df4226d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: cbe7eb00b454a9ed7cd70707ed863887016ec3aae4e039acd6fbefab0df4226d
SHA3-384 hash: c29ec8cb359f5686c52b9f0a4ffed00be60bcbbad0a2031f4f13e484560aab14a1c20f15bf4f68b2db989bb271ce78d7
SHA1 hash: ef63f310bf2254e3f60d1521d2749f3c1192c4bd
MD5 hash: 02054f55fe9cd31fb9aaff90748ecb60
humanhash: india-magazine-nebraska-three
File name:t
Download: download sample
Signature Mirai
Create hunting rule
File size:2'444 bytes
First seen:2024-12-25 15:36:05 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 48:4k5CEA00OpZoOyk1mOFOXk1mOtJOt7k1mOGOUk1mOhOjk1mO8OGk1mOIOCk1mO88:tCEA00vOE6zEA5EF0EqjE3GElUE98E2N
TLSH T1E55179DF026888B15D40C9DD7BE34DA4744789DB18CDC64EA84F4A3AB0CC91E7631F6A
Magika txt
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://5.230.226.193/tt/mipsd43fbf7577e3c3cddd61bf545d63fa164f9337fc239b4c6f3c11010158febb4d Miraielf mirai
http://5.230.226.193/tt/mipsel97a24b4b731f4e99adc64b52b2c8f282c0d81837d24f151417d10119fd5f5de0 Miraielf mirai
http://5.230.226.193/tt/armv4l16665f3472a973adddc341e684d708066d35d89d6454f92235111ff4d205096e Gafgytelf gafgyt mirai
http://5.230.226.193/tt/armv5lf163e77db013b6c781026dfd9e155b6676b048091c457dde5bf88da709750d26 Gafgytelf gafgyt mirai
http://5.230.226.193/tt/armv6lfb4215132aee270148aabc85c0d6272b828cb5cf035c6b8823638c03a99c3e16 Gafgytelf gafgyt mirai
http://5.230.226.193/tt/armv7l2ea8ef781900b5a3048e1f7f9d15893c5f366a9b1724de29cc5702d40c1a176a Gafgytelf gafgyt mirai
http://5.230.226.193/tt/sh42c0a317af8c8ad9255f20d6d7bda5effd8012886dd64f62484e33ca25995de8f Gafgytelf gafgyt mirai
http://5.230.226.193/tt/sparcc7d4204efff17cf1a07c62af9aa1d24ab87cf006437bde9128bc909cd1fbb81e Miraielf mirai
http://5.230.226.193/tt/riscv32b6e0036281a36ce295405c8edf3e65e24b11adcd4a7a5d77b43f9c14a624162d Miraielf mirai
http://5.230.226.193/tt/powerpcac2921f97af63ea1e2ef94d53ec118b9b8f82964c9eac536f96eabe90a18f64f Miraielf mirai
http://5.230.226.193/tt/armv4ebd4264092f6981bbcfaa1455bb1da08cb85860bbccc4c8601e30d80ec7f6c1e06 Gafgytelf gafgyt mirai
http://5.230.226.193/tt/arc90b4e907a8ed7c4ca292aa54504d5277ac5c079b009966290a0a0d754030e0c9 Miraielf mirai

Intelligence

File Origin
# of uploads :
1
# of downloads :
82
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Malicious
Score:
94.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=676d1b1475bf3268d2fe9059linux22vpnfull_triage
Tags:
mirai agent virus hype
Verdict:
Likely Malicious
Threat level:
  7.5/10
Confidence:
100%
Tags:
anti-debug lolbin remote
Link:
https://www.filescan.io/uploads/676c26a10dd45a148a402bec/reports/3aa80659-7511-4b24-aa66-6d235e67e44a/overview
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/cbe7eb00b454a9ed7cd70707ed863887016ec3aae4e039acd6fbefab0df4226d
Result
Verdict:
MALICIOUS
Score:
1%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/cbe7eb00b454a9ed7cd70707ed863887016ec3aae4e039acd6fbefab0df4226d
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/cbe7eb00b454a9ed7cd70707ed863887016ec3aae4e039acd6fbefab0df4226d/
Threat name:
Script-Shell.Trojan.MiraiA
Create hunting rule
Status:
Malicious
First seen:
2024-12-25 16:07:33 UTC
File Type:
Text (Shell)
AV detection:
7 of 38 (18.42%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=zpt6wafuksu627gxa4d63bryq4aw5q5k4tqdtlgw7px2wdpuejwq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/cbe7eb00b454a9ed7cd70707ed863887016ec3aae4e039acd6fbefab0df4226d

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh cbe7eb00b454a9ed7cd70707ed863887016ec3aae4e039acd6fbefab0df4226d

(this sample)

Mirai

elf d43fbf7577e3c3cddd61bf545d63fa164f9337fc239b4c6f3c11010158febb4d

  
URLhaus
https://urlhaus.abuse.ch/url/3376189/
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3376276/
  
Dropping
MD5 6eae27ecf1e2d9153b6f1552ab3fc8a3
  
Dropping
SHA256 d43fbf7577e3c3cddd61bf545d63fa164f9337fc239b4c6f3c11010158febb4d

Comments