MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 fa54840cd4670e87ce6e9a2c4c0c577a1c5235e3da891a9164507dfec60d410f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: fa54840cd4670e87ce6e9a2c4c0c577a1c5235e3da891a9164507dfec60d410f
SHA3-384 hash: 4908260c5f80b67ea38858105b06b4dc67b9f91dcea135627c82d1cb6def3ed124e508a38c8aa1c5ba56d16b4b2b9b06
SHA1 hash: 2191e48956b47290602aafe20da9e3656b14f476
MD5 hash: 74cf06d715eecacad5694d57fddd049b
humanhash: burger-lithium-equal-delta
File name:sh
Download: download sample
Signature Mirai
Create hunting rule
File size:282 bytes
First seen:2024-12-21 09:10:50 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 6:/VJq4P/rVYB3LfHzKY3F5kJVKE6LsVKE6NiVVNDV2uVf6vC5:/VJZjYbag5sguThb
TLSH T1BFD02B2FC403C0FF60014999FEFDB998BB0F2299078E13086E7D42535CE8C48705553A
Magika shell
Reporter abuse_ch
Tags:mirai sh

Intelligence

File Origin
# of uploads :
1
# of downloads :
101
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Linux.DownLoader.2243.9232.18100.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
90.2%
Link:
https://cyber-fortress.com/docs/result/index.php?id=676688bd8a4d48ee35fdb02blinux22vpnfull_triage
Tags:
phishing backdoor overt remo
Verdict:
Likely Malicious
Threat level:
  7.5/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/6766862681341676039675f0/reports/76f5e343-af77-4fc2-9c2e-5c3b03239709/overview
Verdict:
Malicious
Labled as:
Bash.MiraiB.Generic
Link:
https://www.hybrid-analysis.com/sample/fa54840cd4670e87ce6e9a2c4c0c577a1c5235e3da891a9164507dfec60d410f
Result
Verdict:
MALICIOUS
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/fa54840cd4670e87ce6e9a2c4c0c577a1c5235e3da891a9164507dfec60d410f
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/fa54840cd4670e87ce6e9a2c4c0c577a1c5235e3da891a9164507dfec60d410f/
Threat name:
Linux.Downloader.MiraiB
Create hunting rule
Status:
Malicious
First seen:
2024-12-21 09:22:04 UTC
File Type:
Text (Shell)
AV detection:
15 of 38 (39.47%)
Threat level:
  3/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=7jkiidgum4hipttotiweydcxpiofenpd3kervelekb675rqniehq._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
discovery
Link:
https://tria.ge/reports/241221-lbwqfsxmen/
Behaviour
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/fa54840cd4670e87ce6e9a2c4c0c577a1c5235e3da891a9164507dfec60d410f

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh fa54840cd4670e87ce6e9a2c4c0c577a1c5235e3da891a9164507dfec60d410f

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3289071/
  
Delivery method
Distributed via web download

Comments