MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e89aacf39f962a3fbd203ed408b475d3f9ac985ab23ce3489d0dc98fcceaeb37. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 6



SHA256 hash: e89aacf39f962a3fbd203ed408b475d3f9ac985ab23ce3489d0dc98fcceaeb37
SHA3-384 hash: 8a6fcb920e1ff1c5ac734b4435fe12969ae914d7bb12616cb0fe5c0a3ba78be6d79368339af380968d2644993a3f134b
SHA1 hash: b126ece8fbf24fdcbbc128774dbf51a61f8e1f05
MD5 hash: 158b6073a470ced06335644ca728188f
humanhash: delaware-july-potato-connecticut
File name: wget.sh
Signature: Mirai
File size: 873 bytes
First seen: 2025-11-04 08:44:37 UTC
Last seen: Never
File type: sh
MIME type: text/plain
ssdeep: 24:E7xnN+cNIpTwKloGho6sEVyovOqOnhplXv:8NE0Ufyfzhnx
TLSH: T144119A9E0B226805C30CCE19342A891457CB86CDE63AAE485819187BACE460BF41EF5B
Magika: shell
Reporter: abuse_ch
Tags: mirai sh

Intelligence


File Origin
# of uploads: 1
# of downloads: 41
Origin country: DE
Vendor Threat Intelligence
Verdict: Malicious
Threat level: 10/10
Confidence: 100%
Tags: mirai
Verdict: Malicious
File Type: ps1
First seen: 2025-10-31T01:29:00Z UTC
Last seen: 2025-11-04T10:24:00Z UTC
Hits: ~10
Threat name: Document-HTML.Downloader.Heuristic
Status: Malicious
First seen: 2025-10-31 06:25:08 UTC
File Type: Text (Shell)
AV detection: 13 of 24 (54.17%)
Threat level: 2/5
Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method: Distributed via web download

Comments