MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 082577cee4e185f4faebaa1f31c4739babf0569d4b3a0bd7e7453b4f5310a1fa. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 082577cee4e185f4faebaa1f31c4739babf0569d4b3a0bd7e7453b4f5310a1fa
SHA3-384 hash: 488d55239dbb620ec60767e52dec88b41775f0a6ec1ee43fe17cdbb546956d511cbe429f4f6f6f2025b400adac3b160d
SHA1 hash: a5a557ec5b77b5e18d46881f1ec9db77cbdeaf27
MD5 hash: 6d78fa485ed425a375d4ef0075d64a0f
humanhash: timing-river-eleven-solar
File name:l
Download: download sample
Signature Mirai
Create hunting rule
File size:917 bytes
First seen:2024-11-07 15:27:02 UTC
Last seen:Never
File type: sh
MIME type:text/x-shellscript
ssdeep 12:7XOTtvmZPuXOpqXYcGFyZow4+2JRgEiJbmVLHeuET3VLHeuNK/VLHeu3:Twv53GFyZou2Bb+BZ+gA+M
TLSH T15611888884263D1870B1CCCDF2A38C06FE06E57EAE691A44BF4D947B8BAE505B054F8D
Magika shell
Reporter abuse_ch
Tags:mirai sh

Intelligence

File Origin
# of uploads :
1
# of downloads :
65
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
Sanesecurity.Malware.30786.LX.BOT.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
93.3%
Link:
https://cyber-fortress.com/docs/result/index.php?id=672ce0108d23d9049134ff7elinux22vpnfull_triage
Tags:
phishing trojan agent overt
Verdict:
Unknown
Threat level:
  10/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/672cdc53030d1b0aaf40176b/reports/c27bcf30-6364-416c-a12d-8b1582345bd7/overview
Verdict:
Malicious
Labled as:
Trojan[Downloader]/Shell.Agent
Link:
https://www.hybrid-analysis.com/sample/082577cee4e185f4faebaa1f31c4739babf0569d4b3a0bd7e7453b4f5310a1fa
Result
Verdict:
UNKNOWN
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/082577cee4e185f4faebaa1f31c4739babf0569d4b3a0bd7e7453b4f5310a1fa
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/082577cee4e185f4faebaa1f31c4739babf0569d4b3a0bd7e7453b4f5310a1fa/
Threat name:
Linux.Trojan.Vigorf
Create hunting rule
Status:
Malicious
First seen:
2024-11-07 15:43:06 UTC
File Type:
Text (Shell)
AV detection:
11 of 24 (45.83%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=basxptxe4gc7j6xlviptdrdttov7avu5jm5axv7hiu5u6uyquh5a._file
Result
Malware family:
mirai
Create hunting rule
Score:
  10/10
Tags:
family:mirai botnet:botnet botnet defense_evasion discovery execution linux persistence privilege_escalatio
Link:
https://tria.ge/reports/241107-s5w2msvjaz/
Behaviour
Reads runtime system information
System Network Configuration Discovery
Writes file to tmp directory
Changes its process name
Reads system network configuration
Creates/modifies Cron job
Enumerates active TCP sockets
Enumerates running processes
File and Directory Permissions Modification
Executes dropped EXE
Renames itself
Unexpected DNS network traffic destination
Contacts a large (250914) amount of remote hosts
Creates a large amount of network flows
Mirai
Mirai family
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
0.90
Link:
https://yomi.yoroi.company/submissions/082577cee4e185f4faebaa1f31c4739babf0569d4b3a0bd7e7453b4f5310a1fa

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 082577cee4e185f4faebaa1f31c4739babf0569d4b3a0bd7e7453b4f5310a1fa

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3280715/
  
Delivery method
Distributed via web download

Comments