MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e74ee21928168b0ccffd85101300e18d2e5ff8f1c34f4df44dc03e831872e062. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: e74ee21928168b0ccffd85101300e18d2e5ff8f1c34f4df44dc03e831872e062
SHA3-384 hash: 41a5623dce2811dd5c0fab4705324bda2c5efb560465da74663776953eef702041a47f651d199aa2f963d69177d5e428
SHA1 hash: fe88ed3572e9ab792ab494ef916bb2e3b48cdefa
MD5 hash: 8e03beefdd64615c91a5147e952090fd
humanhash: venus-table-fourteen-table
File name:pdr
Download: download sample
Signature Mirai
Create hunting rule
File size:1'050 bytes
First seen:2025-09-08 16:34:39 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 24:IiScySS6KxxVfyCCo200NFTXr0o0zYKHKNIydlLIYgy6:IiPyb6Kxx5yCCo200NVXr0FzYA6dlLIB
TLSH T15F1170DEEC61A041450A7F44A1B23B76B811D1D123B0EF5DDED5193587CCE2072E9BC6
Magika txt
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://109.205.213.5/resgod.x86b0ff5d417b98975a78c034c4c9ed42cd68813c8c3415ea894b7687e06c10cf3b Miraielf mirai
http://109.205.213.5/resgod.spc6e0f15c3a92edea0104cd9050dea4f26e61ccccb0c04503c0574a0ea4c6d8c1a Miraielf mirai ua-wget
http://109.205.213.5/resgod.sh4d9c3bdbfc3930340483c07ff809d21b3a70c431b4e93b0938c010a90bd629538 Miraielf mirai
http://109.205.213.5/resgod.ppc79c1d9a2427318b5bfedc8040e8d3bdbd503892b3ad16c641b62886e03efa1f4 Miraielf mirai
http://109.205.213.5/resgod.mpslab2e398b9d039ff05a0e2361e7b8391e1957e0252efab1ff4a37efbadcdc8357 Miraielf mirai
http://109.205.213.5/resgod.mipsa829c07ba77c4fa8e2153e65e68b14ffa0fe8bfb5da8b0643ecd43ad63f20506 Miraielf mirai
http://109.205.213.5/resgod.m68kd062d1cf10cc8da9da71b159e7d7dcf62990cd6bcc32041ed8f7e4151621c6be Miraielf mirai ua-wget
http://109.205.213.5/resgod.arm7ab1a7156179e8ba66177bfe455a2a00e0bdec190e2dda53fe046518853d93a06 Miraielf mirai
http://109.205.213.5/resgod.arm646de942f38760912e646e5832eb6dbc8dc128b8f8e20b678de7e2e34c4ea1300 Miraielf mirai
http://109.205.213.5/resgod.arm5e89328219e412a061745f826ee6ad9be1a56ea91de224f3178a93b63375604b9 Miraielf mirai
http://109.205.213.5/resgod.arm6139cadea1690b3f429e693688a7c024b596d373d592ee6d2e7edb77bc436fe2 Miraielf mirai
http://109.205.213.5/resgod.arc3c1f47cb749115c78ccb72e75eb06e3a0b8f5ec68169c55b0bbf4674b9c35f7a Miraielf mirai

Intelligence

File Origin
# of uploads :
1
# of downloads :
30
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Malicious
Labled as:
TrojanDownloader/Linux.Agent
Link:
https://www.hybrid-analysis.com/sample/e74ee21928168b0ccffd85101300e18d2e5ff8f1c34f4df44dc03e831872e062
Verdict:
Malicious
File Type:
text
First seen:
2025-09-08T14:32:00Z UTC
Last seen:
2025-09-08T14:32:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/e74ee21928168b0ccffd85101300e18d2e5ff8f1c34f4df44dc03e831872e062/results?tab=lookup
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/e74ee21928168b0ccffd85101300e18d2e5ff8f1c34f4df44dc03e831872e062
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/e74ee21928168b0ccffd85101300e18d2e5ff8f1c34f4df44dc03e831872e062/
Threat name:
Document-HTML.Downloader.Heuristic
Create hunting rule
Status:
Malicious
First seen:
2025-09-08 17:14:21 UTC
File Type:
Text (Shell)
AV detection:
16 of 38 (42.11%)
Threat level:
  2/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=45hoegjic2fqzt75quibgahbruxf76hrynhu35cnya7iggds4bra._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/e74ee21928168b0ccffd85101300e18d2e5ff8f1c34f4df44dc03e831872e062

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh e74ee21928168b0ccffd85101300e18d2e5ff8f1c34f4df44dc03e831872e062

(this sample)

Mirai

elf b0ff5d417b98975a78c034c4c9ed42cd68813c8c3415ea894b7687e06c10cf3b

  
URLhaus
https://urlhaus.abuse.ch/url/3620257/
  
Delivery method
Distributed via web download
  
Dropping
MD5 663e52546a0f5939ef042ca709302382
  
Dropping
SHA256 b0ff5d417b98975a78c034c4c9ed42cd68813c8c3415ea894b7687e06c10cf3b

Comments