MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d8820baf277ae265d7e23a5f96d4eaafa6632b778b34b452e7f730d24a7444d8. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: d8820baf277ae265d7e23a5f96d4eaafa6632b778b34b452e7f730d24a7444d8
SHA3-384 hash: 83ba10b78b3805385d7e7716043f3779379e9970576030caebb3c729b4fc1c804ef125c79bc289aacb179160782d863f
SHA1 hash: 29715adcbfdece32566d2b57075f6b7a2058b290
MD5 hash: abc774f5eae08dc5113ee6012e1f37cf
humanhash: ceiling-grey-saturn-friend
File name:w.sh
Download: download sample
Signature Mirai
Create hunting rule
File size:1'505 bytes
First seen:2025-07-19 18:24:23 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 24:kd6ENEEdeEdYV2flEdxEdejG7EdeABAoA1Ed6unuaujEd6uQ9uQkuQ1Ed6u5uQuc:kdcEdeEdYV2flEdxEdejG7EdeCXaEdvu
TLSH T1823164C94EA6D007887C8F32F04A87B85A9E86D775A0AE6960CD4CF3514DF14743AE4A
Magika txt
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://196.251.66.32/HBTs/top1miku.arca6ead5ecc5a093af2dd8f9cd7b44db97a3077e888ed6fed6598a68ecad756df0 Miraielf mirai
http://196.251.66.32/HBTs/top1miku.i586ebac11af23f5d447139124bffa1c56429adf2132ea21eba3aed21ecad2423720 Miraielf mirai ua-wget x86
http://196.251.66.32/HBTs/top1miku.x86_64d98f7aaa9e2aa30f86d5f7c88bc2e895bee6adeebc6d87a904bd28e6f9e01810 Miraielf mirai ua-wget
http://196.251.66.32/HBTs/top1miku.i686386ed38648148fb805047a802ac6c25485bee146667b0a7f0940b388630a0285 Miraielf mirai
http://196.251.66.32/HBTs/top1miku.mipsa77e7186ad2e7b858f23a9f1d3d5d6365481fcf8bf212a6d49b50ba9f9ae046f Gafgytelf gafgyt mirai ua-wget
http://196.251.66.32/HBTs/top1miku.mipsel2278610b46274d256bef90a582804de656311472aedbb00c1e61a7ce801468f9 Gafgytelf gafgyt mips ua-wget
http://196.251.66.32/HBTs/top1miku.armv4l61074be715c8549eedb1ff4e8f61f3b2ba72918f588b81f33cf285ce1cee3034 Miraiarm elf mirai ua-wget
http://196.251.66.32/HBTs/top1miku.armv5lcff95b9961ac1757bcba78d775bf142fb4c9134327f823d63a6f26704be7805e Miraiarm elf mirai ua-wget
http://196.251.66.32/HBTs/top1miku.armv6l2b4fed8258475b2cb9a33688c0755df646c6473ddac66e7f2d27998f367778e6 Miraiarm elf mirai ua-wget
http://196.251.66.32/HBTs/top1miku.armv7l4764a1efb1dda2cc50f294de2884f1a67b68acbcf6d3fdb168c26ae59b599028 Miraiarm elf mirai ua-wget
http://196.251.66.32/HBTs/top1miku.powerpcbeaa0f74467ee44b441389fb674657e93bdb4080452567fb4f7874de7a3b783a Gafgytelf gafgyt PowerPC ua-wget
http://196.251.66.32/HBTs/top1miku.sparcn/an/aelf
http://196.251.66.32/HBTs/top1miku.m68keb6913d816c810b0846bc7bf8dd6a19152cf078b0e4ddac040eda89ae0de8ac1 Miraielf mirai ua-wget
http://196.251.66.32/HBTs/top1miku.sh4b3f1e7014dfba66c06190cfa803ea2dc947f59a0b6f437f3ec6f9263b34cb4a0 Miraielf mirai ua-wget

Intelligence

File Origin
# of uploads :
1
# of downloads :
28
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/687be31f12460d69545f70fb/reports/1fd2e578-f732-4078-8229-b62c20e0cbb8/overview
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/d8820baf277ae265d7e23a5f96d4eaafa6632b778b34b452e7f730d24a7444d8
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/d8820baf277ae265d7e23a5f96d4eaafa6632b778b34b452e7f730d24a7444d8/
Verdict:
Malicious
Threat:
Downloader.Bash/Bashdlod
Link:
https://tip.neiki.dev/file/d8820baf277ae265d7e23a5f96d4eaafa6632b778b34b452e7f730d24a7444d8
Threat name:
Document-HTML.Trojan.Heuristic
Create hunting rule
Status:
Malicious
First seen:
2025-07-19 18:25:32 UTC
File Type:
Text (Shell)
AV detection:
12 of 22 (54.55%)
Threat level:
  2/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=3cbaxlzhplrglv7chjpznvhkv6tggk3xrm2liuxh64ynestuitma._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/250719-w2vwysgk5y/
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/d8820baf277ae265d7e23a5f96d4eaafa6632b778b34b452e7f730d24a7444d8

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh d8820baf277ae265d7e23a5f96d4eaafa6632b778b34b452e7f730d24a7444d8

(this sample)

Mirai

elf a6ead5ecc5a093af2dd8f9cd7b44db97a3077e888ed6fed6598a68ecad756df0

  
URLhaus
https://urlhaus.abuse.ch/url/3579513/
  
Delivery method
Distributed via web download
  
Dropping
MD5 b578ed98a64b1204065a8ff7d2ece4fb
  
Dropping
SHA256 a6ead5ecc5a093af2dd8f9cd7b44db97a3077e888ed6fed6598a68ecad756df0

Comments