MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2fac8c833f6a56cffddfc328e56728b8ee824a31835ac552016feaf95df48bd1. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 7



SHA256 hash: 2fac8c833f6a56cffddfc328e56728b8ee824a31835ac552016feaf95df48bd1
SHA3-384 hash: 8ea8aba52ae27a592a3fa232da462844b586f5f579c4362b732e1072dd404a5bfdda4b404b0cfbf885f238d27344ea98
SHA1 hash: 29f3c52d661966b7becfd592668a77a8fe5ea7ad
MD5 hash: 7f94f5788b082d0a7b8c6128f6199b18
humanhash: equal-tennessee-happy-missouri
File name: c.sh
Signature: Mirai
File size: 778 bytes
First seen: 2025-05-03 09:12:45 UTC
Last seen: 2025-05-13 10:05:39 UTC
File type: sh
MIME type: text/plain
ssdeep 24:3J3jK31wK3LLlK3hNI7vK3xKwKZ+KV9KfUKkMKFtBzKQKaiGKZHR:JK31wK33lK3cvK3xVKZ+KXKfUK9KlzKp
TLSH T1C2019BCD27A5A6C31F0C8E1DB0BA898D6A4592C1F970CE15F81CD8F568D5605305CBBF
Magika: txt
Reporter: abuse_ch
Tags: sh

Intelligence


File Origin
# of uploads: 2
# of downloads: 80
Origin country: DE

Vendor Threat Intelligence

Verdict: Malicious
Score: 99.9%
Tags: trojan mirai virus hype

Threat name: Linux.Trojan.Egairtigado
Status: Malicious
First seen: 2025-05-03 08:52:12 UTC
File Type: Text (Shell)
AV detection: 14 of 24 (58.33%)
Threat level: 5/5

Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 2fac8c833f6a56cffddfc328e56728b8ee824a31835ac552016feaf95df48bd1

(this sample)

  
Delivery method
Distributed via web download
