MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7546ca09ea6c78d57f148f5ec216768ec71e20fa227223520d049f4c2f0cccdf. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

SHA256 hash:	7546ca09ea6c78d57f148f5ec216768ec71e20fa227223520d049f4c2f0cccdf
SHA3-384 hash:	1d3cf1b449b40eb89aeb57d46d9c1b97ba98d723f6447ccd04ab832926cbecbb06aaecd633fabea0e1af21fd86430bd2
SHA1 hash:	2b83e801cb54a6b2f263dd1f5c5b926a2df4b477
MD5 hash:	814361c7070478505eb4c33ce3f24bf0
humanhash:	tennessee-music-carpet-vegan
File name:	1.sh
Download:	download sample
Signature	Mirai Alert Create hunting rule
File size:	2'312 bytes
First seen:	2025-08-07 10:49:09 UTC
Last seen:	Never
File type:	sh
MIME type:	text/x-shellscript
ssdeep	48:4peVupTpYlCp18ZipdMpimBpik942pNHN9w07BpkgmGWwpvUKpDptBpCKpBI:4suzYlCAZi83BBPzygDVN4
TLSH	T18A41CBC42391D566E9EFD848B2FAC568E4C051C7AC8C5D0EC8DC58B84D6CF24F4DE6A0
Magika	shell
Reporter	abuse_ch
Tags:	mirai sh

Intelligence

---

File Origin

# of uploads :

1

# of downloads :

33

Origin country :

DE

Vendor Threat Intelligence

Kunai Sandbox

Status:

terminated

Link:

https://sandbox.kunai.rocks/analysis/eca5cfc3-8a13-497f-8cc4-6a551a885c5e

Behavior Graph:

Download SVG

Nucleon Malprob Malware

Score:

100%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/7546ca09ea6c78d57f148f5ec216768ec71e20fa227223520d049f4c2f0cccdf

CERT.PL MWDB

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/7546ca09ea6c78d57f148f5ec216768ec71e20fa227223520d049f4c2f0cccdf/

Neiki HEUR:Trojan-Downloader.Shell.Agent

Verdict:

Malicious

Threat:

HEUR:Trojan-Downloader.Shell.Agent

Link:

https://tip.neiki.dev/file/7546ca09ea6c78d57f148f5ec216768ec71e20fa227223520d049f4c2f0cccdf

ReversingLabs TitaniumCloud Linux.Trojan.Vigorf

Threat name:

Linux.Trojan.Vigorf

Alert

Create hunting rule

Status:

Malicious

First seen:

2025-08-07 10:50:56 UTC

File Type:

Text (Shell)

AV detection:

12 of 23 (52.17%)

Threat level:

  5/5

Spamhaus Hash Blocklist Suspicious file

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=ovdmucpknr4nk7yur5pmeftwr3dr4ih2ejzcguqnaspuylymztpq._file

Hatching Triage mirai

Result

Malware family:

mirai

Alert

Create hunting rule

Score:

  10/10

Tags:

family:mirai botnet:botnet antivm botnet credential_access defense_evasion discovery linux

Link:

https://tria.ge/reports/250807-mxsflagj6w/

Behaviour

Reads runtime system information

System Network Configuration Discovery

Changes its process name

Checks CPU configuration

Reads process memory

Enumerates running processes

File and Directory Permissions Modification

Deletes itself

Executes dropped EXE

Mirai

Mirai family

Malware Config

C2 Extraction:

176.65.148.51

VirusTotal

Please note that we are no longer able to provide a coverage score for Virus Total.

YOROI YOMI Legit

Threat name:

Legit

Score:

0.11

Link:

https://yomi.yoroi.company/submissions/7546ca09ea6c78d57f148f5ec216768ec71e20fa227223520d049f4c2f0cccdf