MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e8d20c029bc55bfd0f3666db04f91c3d918e2b1277d669f90430d5049ca7d2eb. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 6



SHA256 hash: e8d20c029bc55bfd0f3666db04f91c3d918e2b1277d669f90430d5049ca7d2eb
SHA3-384 hash: a9e6e760f58de24f8d8f0e02914c2bea06ae5cb17af7976b0cad09f11753446568ce970c66749470922fe4d46fa82224
SHA1 hash: c346b5421f6cd99fab6a8d7aff1ce76224e8e1ff
MD5 hash: 3ef0cbd2235b66b19fcd290899375440
humanhash: social-hamper-blossom-uniform
File name: wget.sh
Signature: Mirai
File size: 1'378 bytes
First seen: 2025-07-19 17:57:44 UTC
Last seen: Never
File type: sh
MIME type: text/plain
ssdeep: 24:2d6EN+dodYV2f7d/dejGpdeABAoALd6unuauxd6uQ9uQkuQLd6u5uQuPd6uYuxuA:2dWdodYV2f7d/dejGpdeCXcdvuPxdvr8
TLSH: T12C21018D4EA6900B94388F32F04B87A44A9F9687B5B4AE6564DD0CF3544DB10743EE5B
Magika: shell
Reporter: abuse_ch
Tags: sh

Intelligence


File Origin
# of uploads: 1
# of downloads: 27
Origin country: DE
Vendor Threat Intelligence
Threat name: Document-HTML.Trojan.Heuristic
Status: Malicious
First seen: 2025-07-19 17:58:23 UTC
File Type: Text (Shell)
AV detection: 13 of 22 (59.09%)
Threat level: 2/5
Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh e8d20c029bc55bfd0f3666db04f91c3d918e2b1277d669f90430d5049ca7d2eb

(this sample)

  
Delivery method: Distributed via web download
