MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 1246a207c8b4e5ca294b99f293c606785d82cb3a30fbb68a1f221424da4e8162. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 1246a207c8b4e5ca294b99f293c606785d82cb3a30fbb68a1f221424da4e8162
SHA3-384 hash: 3b33e6cb4b3c1cd9e2161727d459da06f9562a82c4fee03b749faa90475f69196347903273bed2af3b35eebf36cc1b2e
SHA1 hash: 1bf77d6f917cc4759fe0f31eb88d9e63d5ff328c
MD5 hash: d2d9c1a97e6a9dd989c939520127edba
humanhash: ohio-carpet-tango-lion
File name:sh.sh
Download: download sample
Signature Mirai
Create hunting rule
File size:1'739 bytes
First seen:2025-05-06 12:51:26 UTC
Last seen:Never
File type: sh
MIME type:text/x-shellscript
ssdeep 48:ZTi97T3ZiTRETET7TgTm6u7TmWdTWTs7T4TmOcTi9UcT3ZPcTRhcThcTUcTVcTmE:l4X3Z+qYX0aXpisXMe4p3ZYk6pGap7MD
TLSH T1BF315CCE60A5F114489CFD083892D479A215C7C2BA49AFF8ECCC6DB2FAD4914B475F49
Magika shell
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://176.65.144.76/bejv86396fdede30560378a9b000b21347b2e56f31dbab782888a3d81a1a6a3ffa3140 Miraielf mirai ua-wget
http://176.65.144.76/weje64d55e1475de697dc78e6c7500a60cd6d24e065d9c06ef6cfbd5825c5dda909e94 Miraielf mirai ua-wget
http://176.65.144.76/rrrdsl422b398e45f16ef5c00ec9568d5acfe877de7e5586b322cb4869ddb664b45f1a Miraielf mirai ua-wget
http://176.65.144.76/jfeeps24c6cc79119d0f8061dc273a076d14f6933775bd73e9c7ae7e1b5ce79882c79c Miraielf mirai ua-wget
http://176.65.144.76/drea4bb91c1a225b25ab31cde6d499a1875dcf7fed692f74b23e70b3619adeca39205 Miraibash mirai ua-curl ua-wget
http://176.65.144.76/vejfa585869103c4eb75857dbf60595c9784c43ebe1627e36d5ef05f1b650bc914450b Miraielf mirai ua-wget
http://176.65.144.76/efea6872d1c6fd7c586756bb7cadca36d1e5e7212ef68ad01975e39a5cbb057b7c007 Miraielf mirai ua-wget
http://176.65.144.76/efefa7b9f84a2b06b15ec53f3ebdcf1d2495d509f8fc9ddd919b48321dafbfac03e8c4 Miraibash mirai ua-curl ua-wget
http://176.65.144.76/eehah4e4d5f779e1a400c97da491d82351f4122ef2ce6aae278efe6889f0c0c74b2202 Miraielf mirai ua-wget
http://176.65.144.76/rjfe686d2e610c8f3a113f2dfcac5258a9965f3d7bcca0db848e9c2e000bf859711c3e8 Miraielf mirai ua-wget
http://176.65.144.76/vjwe68k9e34d4fb79c6e2d4207963034a2bb1d1fa7fb0a39efb057fa934ef7ac5d2aca3 Miraielf mirai ua-wget
http://176.65.144.76/efjepc33b99fe2bf135c3abaeddccf08477d2a2ed87e3583bbbcf2e175b1a0cfbf4029 Miraielf mirai ua-wget

Intelligence

File Origin
# of uploads :
1
# of downloads :
75
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=681a06c7432e243ac3e49db7linux22vpnfull_triage
Tags:
n/a
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Tags:
bash busybox explorer lolbin mirai remote
Link:
https://www.filescan.io/uploads/681a05fa0b64e174c419e9a7/reports/1d701d74-102e-47a6-9b88-1f48ab9275f3/overview
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/1246a207c8b4e5ca294b99f293c606785d82cb3a30fbb68a1f221424da4e8162
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/1246a207c8b4e5ca294b99f293c606785d82cb3a30fbb68a1f221424da4e8162/
Threat name:
Win32.Trojan.Vigorf
Create hunting rule
Status:
Malicious
First seen:
2025-05-06 12:52:12 UTC
File Type:
Text (Shell)
AV detection:
8 of 24 (33.33%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=cjdkeb6iwts4ukklthzjhrqgpboyfsz2gd53ncq7eikcjwsoqfra._file
Result
Malware family:
n/a
Score:
  1/10
Tags:
linux
Link:
https://tria.ge/reports/250506-p34rxs1rs5/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/1246a207c8b4e5ca294b99f293c606785d82cb3a30fbb68a1f221424da4e8162

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 1246a207c8b4e5ca294b99f293c606785d82cb3a30fbb68a1f221424da4e8162

(this sample)

Mirai

elf 396fdede30560378a9b000b21347b2e56f31dbab782888a3d81a1a6a3ffa3140

  
URLhaus
https://urlhaus.abuse.ch/url/3536313/
  
Delivery method
Distributed via web download
  
Dropping
MD5 ee582be043b4b8b236083cf2bb18addd
  
Dropping
SHA256 396fdede30560378a9b000b21347b2e56f31dbab782888a3d81a1a6a3ffa3140

Comments