MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 82a993ef227ffb60c9a48b56e8d329b9331223008d6d40954d3ad4fd57169b79. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

SHA256 hash:	82a993ef227ffb60c9a48b56e8d329b9331223008d6d40954d3ad4fd57169b79
SHA3-384 hash:	82d3918ac7fafe5b2d425b5aa49efe6f8c3c34e69e5379f8ab9fdfd3e3053811a12a67a92079299eb558b91bc5e7f8a1
SHA1 hash:	008f2006dfc1ff2b3a4210f723b90409740aec9d
MD5 hash:	5218856f4936c448cbb7c0b3671ae91e
humanhash:	monkey-bulldog-earth-yellow
File name:	toto.sh
Download:	download sample
Signature	Mirai Alert Create hunting rule
File size:	1'053 bytes
First seen:	2025-09-30 05:30:22 UTC
Last seen:	Never
File type:	sh
MIME type:	text/plain
ssdeep	12:A+v99+pa39+JNIQr9+SvKQ9+29++9+Yr9+nMK9+J99+V9+t+9+WwDv:gNIYK1sqwDv
TLSH	T16C1181F9001AA12414006F12715608356CBBF7E692339AF9947FE423E9CB5E03B21EB5
Magika	txt
Reporter	abuse_ch
Tags:	sh

Intelligence

---

File Origin

# of uploads :

1

# of downloads :

45

Origin country :

DE

Vendor Threat Intelligence

ClamAV Detected

Detection(s):

SecuriteInfo.com.Shell.Downloader.Gen-1.UNOFFICIAL

Alert

Create hunting rule

FileScan.IO Malicious

Verdict:

Malicious

Threat level:

  10/10

Confidence:

100%

Link:

https://www.filescan.io/uploads/68db6b086c140e5b35ff92b1/reports/503326b8-f673-462d-8ede-27eec3251e40/overview

Kaspersky OpenTIP Malicious

Verdict:

Malicious

File Type:

ps1

First seen:

2025-09-30T02:52:00Z UTC

Last seen:

2025-09-30T02:52:00Z UTC

Hits:

~10

Detections:

HEUR:Backdoor.Linux.Mirai.ba HEUR:Backdoor.Linux.Mirai.b HEUR:Backdoor.Linux.Mirai.au HEUR:Trojan-Downloader.Shell.Agent.cl HEUR:Exploit.Linux.CVE-2017-17215.a

Link:

https://opentip.kaspersky.com/82a993ef227ffb60c9a48b56e8d329b9331223008d6d40954d3ad4fd57169b79/results?tab=lookup

Kunai Sandbox

Status:

terminated

Link:

https://sandbox.kunai.rocks/analysis/707eb46f-e440-4af5-8acf-2dcef3fac1a9

Behavior Graph:

Download SVG

Nucleon Malprob Malware

Score:

100%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/82a993ef227ffb60c9a48b56e8d329b9331223008d6d40954d3ad4fd57169b79

CERT.PL MWDB

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/82a993ef227ffb60c9a48b56e8d329b9331223008d6d40954d3ad4fd57169b79/

Neiki Backdoor.Linux.Mirai

Verdict:

Malicious

Threat:

Backdoor.Linux.Mirai

Link:

https://tip.neiki.dev/file/82a993ef227ffb60c9a48b56e8d329b9331223008d6d40954d3ad4fd57169b79

ReversingLabs TitaniumCloud Linux.Trojan.Egairtigado

Threat name:

Linux.Trojan.Egairtigado

Alert

Create hunting rule

Status:

Malicious

First seen:

2025-09-30 05:31:25 UTC

File Type:

Text (Shell)

AV detection:

20 of 38 (52.63%)

Threat level:

  5/5

Spamhaus Hash Blocklist Suspicious file

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=qkuzh3zcp75wbsnernloruzjxezreiyarvwubfknhlkp2vywtn4q._file

Hatching Triage Unknown

Result

Malware family:

n/a

Score:

  3/10

Tags:

n/a

Link:

https://tria.ge/reports/250930-f7kp6strx9/

Behaviour

Modifies registry class

Suspicious use of SetWindowsHookEx

Enumerates physical storage devices

VirusTotal

Please note that we are no longer able to provide a coverage score for Virus Total.

YOROI YOMI Legit

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/82a993ef227ffb60c9a48b56e8d329b9331223008d6d40954d3ad4fd57169b79