MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 686f7b86a5c9c38b5011f1884991ad524d15f44408c68fab34493210b471961e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 686f7b86a5c9c38b5011f1884991ad524d15f44408c68fab34493210b471961e
SHA3-384 hash: c3c62e683f0957e2b1f7b74051694b6514a3c8f4e863d2968ce36a18d3dc23dfd1a8cf76965f8378d5787ec8f322a317
SHA1 hash: fcc093b8518cea822926cd862929d637c7b0f28e
MD5 hash: dd0b7bf0d352bc08a325de0304fe4fad
humanhash: thirteen-carbon-alanine-batman
File name:brr
Download: download sample
Signature Mirai
Create hunting rule
File size:582 bytes
First seen:2025-02-26 19:48:41 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 12:RE8bpyGQGkEd86e7EkKyEXmOEqX3MSzNIxEnXG+EkX9:RE8hQGkEG6e7EkSWOEqnMSzNIxEn5EkN
TLSH T13FF0C89912A2370700AC6D65F0F55CA5B250D28D13274FDFFCC44535AB9AD20FD319A4
Magika shell
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://46.19.143.10/nabmips71c4c735861f35ed4b7ed9c75b5c4f89bd4c71f2d70f287f5f9d0b113ad5a667 Miraimirai opendir
http://46.19.143.10/nabmpsla693118b9c7edf9051a7d0228c47b4f5d1a2ae06eb5ac3351f89da857c9f55a7 Miraimirai opendir
http://46.19.143.10/nabarm564d5fa08f78803c4f99e2df3e46a9bf65f4006b814e6bcaaac8f502d0f19847 Miraimirai opendir
http://46.19.143.10/nabarm5a698d787649fe2a7dfc49250d92232c9f4b96d15076809f33cf532ca1aa513fc Miraimirai opendir
http://46.19.143.10/nabarm64140f9ab23973bd0e0f658271372d0499e4f8b7598390fe1038da5f4526e7754 Miraimirai opendir
http://46.19.143.10/nabarm7fb531b9c8d62d2e4fefe7e86921942555154d85d70648af680cb71118885ecc3 Miraimirai opendir

Intelligence

File Origin
# of uploads :
1
# of downloads :
67
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Linux.Downloader-35.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
94.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=67c001db28ab76d43a5da621linux22vpnfull_triage
Tags:
mirai agent virus shell
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Tags:
evasive
Link:
https://www.filescan.io/uploads/67bf70533c5f644bd9398f97/reports/5845ff02-c9eb-4a43-9ea2-735f5c84b20f/overview
Verdict:
Malicious
Labled as:
Downloader/Shell.Generic
Link:
https://www.hybrid-analysis.com/sample/686f7b86a5c9c38b5011f1884991ad524d15f44408c68fab34493210b471961e
Result
Verdict:
UNKNOWN
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/686f7b86a5c9c38b5011f1884991ad524d15f44408c68fab34493210b471961e
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/686f7b86a5c9c38b5011f1884991ad524d15f44408c68fab34493210b471961e/
Threat name:
Linux.Downloader.Generic
Create hunting rule
Status:
Suspicious
First seen:
2025-02-26 19:57:57 UTC
File Type:
Text (Shell)
AV detection:
9 of 24 (37.50%)
Threat level:
  3/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=nbxxxbvfzhbywuar6geetennkjgrl5cebddi7kzujezbbndrsypa._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/686f7b86a5c9c38b5011f1884991ad524d15f44408c68fab34493210b471961e

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 686f7b86a5c9c38b5011f1884991ad524d15f44408c68fab34493210b471961e

(this sample)

Mirai

elf 594c6df7cab52e4c92376ab3134b143537d9dc122af5d99824aa6bd6c44af922

  
URLhaus
https://urlhaus.abuse.ch/url/3458281/
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3458298/
  
URLhaus
https://urlhaus.abuse.ch/url/3458645/
  
URLhaus
https://urlhaus.abuse.ch/url/3458672/
  
URLhaus
https://urlhaus.abuse.ch/url/3458883/
  
URLhaus
https://urlhaus.abuse.ch/url/3458926/
  
Dropping
MD5 5a993cc5704b89850188af54377e9e03
  
Dropping
SHA256 594c6df7cab52e4c92376ab3134b143537d9dc122af5d99824aa6bd6c44af922

Comments