MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 f003d50f22972bedb7e40b8d3de771ace5d37d935ff9410935eb80144b3e76eb. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Mirai
Vendor detections: 7

SHA256 hash: f003d50f22972bedb7e40b8d3de771ace5d37d935ff9410935eb80144b3e76eb
SHA3-384 hash: 531158206eb49a03306d34f120cefdb1b6de5ff1fde02e24e0f05b8b227bdf1f2502b87e47d739c7a9db13ad95c9e998
SHA1 hash: dfdb7e00860dbdb4857ab864f9269a85f9e4bace
MD5 hash: 9daa3deb23f94dbc4d3a8d1ab53e5dc3
humanhash: harry-spring-early-ohio
File name: w.sh
Signature: Mirai
File size: 1'176 bytes
First seen: 2025-09-27 08:37:20 UTC
Last seen: Never
File type: sh
MIME type: text/plain
ssdeep: 12:6+xC+paLC+JNIQQAC+SvK2HC+V50FEC+MC+n5C+0HC+AKAC+XHC+RcAC+t8AUn:kNI/KU50FF62f4xn
TLSH: T10F2110F90019A21814046B11705E49295CBBFBD661329AF9547FE473B6CBDB0B712F39
Magika: asm
Reporter: abuse_ch
Tags: sh
URL | Malware sample (SHA256 hash) | Signature | Tags

Intelligence


File Origin
# of uploads: 1
# of downloads: 49
Origin country: DE
Vendor Threat Intelligence

Verdict: Malicious
Threat level: 10/10
Confidence: 100%
Tags: busybox

Verdict: Malicious
File Type: text
First seen: 2025-09-27T05:46:00Z UTC
Last seen: 2025-09-27T05:46:00Z UTC
Hits: ~10
Detections: HEUR:Trojan-Downloader.Shell.Agent.cl
Status: terminated
Behavior Graph:
Verdict: Malicious
Threat: Trojan-Downloader.Shell.Agent

Threat name: Linux.Trojan.Vigorf
Status: Malicious
First seen: 2025-09-27 08:38:26 UTC
File Type: Text (Shell)
AV detection: 15 of 24 (62.50%)
Threat level: 5/5

Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour:
  Modifies registry class
  Suspicious use of SetWindowsHookEx
  Enumerates physical storage devices

Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method | Signature | File type | SHA256 hash
Web download | Mirai | sh | f003d50f22972bedb7e40b8d3de771ace5d37d935ff9410935eb80144b3e76eb (this sample)

Delivery method: Distributed via web download

Comments