MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 db38b69a3444f00035ac36b2a82f7fc4c9bc9d30428100d7805016961b3253ee. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 5



SHA256 hash: db38b69a3444f00035ac36b2a82f7fc4c9bc9d30428100d7805016961b3253ee
SHA3-384 hash: 212525dd4526a92ed8bbd1009bdd6d6e4c5d8cbbd6d819f4c2e5a71c7d76bf12ef7bdf50fae46473ca3284b4658dae29
SHA1 hash: c87661e2e4d48061690e85d856f3d7258b0862f6
MD5 hash: c6381ebf8f0349b8d47c5e623bbcef6b
humanhash: freddie-carolina-social-shade
File name: c
Signature: Mirai
File size: 184 bytes
First seen: 2025-12-10 04:28:14 UTC
Last seen: Never
File type: sh
MIME type: text/plain
ssdeep: 3:he8zgMFZXLFLxUdVgZ8aOSZjZxvTFLK3iqP4KSEVMFZXLFLxUdsRzSBwmH3XKvn:I8zgMFZ5LS4Z86lFxK3iO4KSEVMFZ5LX
TLSH: T1D2C012FB00505070014AFE2034B14451A321D7B1379C5E06DFCD0421C4C8E84A468BA7
Magika: txt
Reporter: abuse_ch
Tags: CVE-2025-55182 mirai sh

URL: http://172.237.55.180/pew63
Malware sample (SHA256 hash): ee2fe11a7f43aba14f37897b7c69e2c4b26eef20a8854a838353b59866ee4861
Signature: Mirai
Tags: CVE-2025-55182 mirai ua-wget

URL: http://172.237.55.180/h437
Malware sample (SHA256 hash): 8067c9bf0ca1a67352fc7b8c9cc99fed8d9f3f57246712a6cd692edc4b66d323
Signature: Mirai
Tags: CVE-2025-55182 mirai ua-wget

Intelligence


File Origin
# of uploads: 1
# of downloads: 33
Origin country: DE
Vendor Threat Intelligence
No detections
Verdict: Malicious
Labeled as: Trojan[Downloader]/Shell.Agent
Result
Gathering data
Threat name: Text.Browser.Generic
Status: Suspicious
First seen: 2025-12-07 21:30:12 UTC
File Type: Text (Shell)
AV detection: 2 of 36 (5.56%)
Threat level: 4/5
Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method: Distributed via web download
