MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ec92aba591e653b5004e972de1ae80c32a75b866c909aefc18f54d990545341b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: ec92aba591e653b5004e972de1ae80c32a75b866c909aefc18f54d990545341b
SHA3-384 hash: 1e0f1062488d17fcfdc5d1927883c8ca70f02ddc42de81e915fc02458fc28ada1830db75b2f8d66d1bae517de8119365
SHA1 hash: ba52e030b13a272f098e6b756ab31d2e689c320e
MD5 hash: f3c433088a501d1b35d1bdaccdfb81cc
humanhash: triple-wisconsin-beer-green
File name:wget.sh
Download: download sample
Signature Mirai
Create hunting rule
File size:1'036 bytes
First seen:2025-07-13 18:12:52 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 24:2d6C3gd6BI3d6uNNIUuiupd6n4K6xdKmr8dejGpdZNmBpdjdr7dw6odNYn:2dsd3dv2HpdJzdKmr8dejGpdZNmBpdjB
TLSH T17D11218C0EA7904F54388F32E49B47644B9E81C7F4B4AE6561CD0CB3548CB04B439E5B
Magika txt
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://196.251.66.32/HBTs/top1miku.arm92117e88e20232d0fe9f1fd7fb7d12ea5adecf19b18e227ce6ce83d9f4376a99 Miraielf mirai ua-wget
http://196.251.66.32/HBTs/top1miku.arm5046a329591855ebf9749429465feda29ac2e8fc327fc2d4664ba4255a9cda5d4 Miraielf mirai ua-wget
http://196.251.66.32/HBTs/top1miku.arm60c7fa0d266b490427b6857294ee1500691ed8506884baff619f1d51049bc4c52 Miraielf mirai ua-wget
http://196.251.66.32/HBTs/top1miku.arm7b5bce493d05031ba446080722dfb270aec7c97fc4378e639723d637adea784d2 Miraielf mirai ua-wget
http://196.251.66.32/HBTs/top1miku.m68keb6913d816c810b0846bc7bf8dd6a19152cf078b0e4ddac040eda89ae0de8ac1 Miraielf mirai ua-wget
http://196.251.66.32/HBTs/top1miku.mipsa77e7186ad2e7b858f23a9f1d3d5d6365481fcf8bf212a6d49b50ba9f9ae046f Gafgytelf gafgyt mirai ua-wget
http://196.251.66.32/HBTs/top1miku.mpsl425dc69ffcd048df8726f1cb3716901322750e3bfc56803135c3a803eeab6369 Miraielf mirai ua-wget
http://196.251.66.32/HBTs/top1miku.ppc4adaa8fbc175e4a169c4767bc147fe1b288888cddfa4f1b39abc3fe250806ff7 Miraielf mirai ua-wget
http://196.251.66.32/HBTs/top1miku.sh4b3f1e7014dfba66c06190cfa803ea2dc947f59a0b6f437f3ec6f9263b34cb4a0 Miraielf mirai ua-wget
http://196.251.66.32/HBTs/top1miku.spc58600e74fbacf7c5e92061399451cfe44073cc61d03ee7145bfd630a6bba2f88 Miraielf mirai ua-wget
http://196.251.66.32/HBTs/top1miku.x86effabb0c89d67dc1deaaff5d5a7512613f0c6d6a3c86c773d05a3062890673ba Miraielf mirai ua-wget

Intelligence

File Origin
# of uploads :
1
# of downloads :
29
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Shell.Downloader.Gen-1.UNOFFICIAL
Create hunting rule

Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/ec92aba591e653b5004e972de1ae80c32a75b866c909aefc18f54d990545341b
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/ec92aba591e653b5004e972de1ae80c32a75b866c909aefc18f54d990545341b/
Threat name:
Win32.Trojan.Alevaul
Create hunting rule
Status:
Malicious
First seen:
2025-07-13 18:13:27 UTC
File Type:
Text (Shell)
AV detection:
15 of 24 (62.50%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=5sjkxjmr4zj3kacos4w6dluaymvhlodgzee257ay6vgzsbkfgqnq._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/250713-wtw42sdl4t/
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/ec92aba591e653b5004e972de1ae80c32a75b866c909aefc18f54d990545341b

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh ec92aba591e653b5004e972de1ae80c32a75b866c909aefc18f54d990545341b

(this sample)

Mirai

elf 06485ea5d06c468419ee3c1b932a77071b66ea3fa6bb8a6e21e2ae15e1907bd4

Mirai

elf f1d2df92e44fe9a68a17f0e2e0cc471d9618b327434515603f42007c6b396973

  
URLhaus
https://urlhaus.abuse.ch/url/3579487/
  
Delivery method
Distributed via web download
  
Dropping
MD5 04a136144cd64f0c076e54a30b5f86a8
  
Dropping
SHA256 f1d2df92e44fe9a68a17f0e2e0cc471d9618b327434515603f42007c6b396973

Comments