MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 86a2672afe9d6fdf22e77338945eb7f7885eedc80569afce02bc0c8a718cd6c9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 7



SHA256 hash: 86a2672afe9d6fdf22e77338945eb7f7885eedc80569afce02bc0c8a718cd6c9
SHA3-384 hash: 34637ef5179144c310a063a3e99fe2da1999139df20cdaaf6d5c6171480a1a477a9d3890156cd0ac36704f6aa7733d82
SHA1 hash: a47811667a9e6f962f409f406aa9e24f8ad8fe04
MD5 hash: 917063fe8658230b884a76a9a957ea38
humanhash: robert-alpha-zebra-ten
File name: shk
Signature: Mirai
File size: 623 bytes
First seen: 2025-09-27 10:15:31 UTC
Last seen: Never
File type: sh
MIME type: text/x-shellscript
ssdeep: 12:ZIREYMF0ghsQHFBd8ghzYuTyisJFz5ghswpFBd8gh0ghmMTh4WYO80:ZIRxMKZQlBWluoLz5ZwrBW7z6udG
TLSH: T1FBF02D5EBD41407B7035CC747AF70965E50F63961E8B219DA2DD6107F9F8C617001573
Magika: shell
Reporter: abuse_ch
Tags: mirai sh

Intelligence


File Origin
# of uploads: 1
# of downloads: 41
Origin country: DE

Vendor Threat Intelligence
Verdict: Malicious
Labeled as: Trojan[Downloader]/Shell.Agent

Verdict: Malicious
File Type: unix shell
First seen: 2025-09-27T08:01:00Z UTC
Last seen: 2025-09-27T08:01:00Z UTC
Hits: ~10
Detections: Trojan-Downloader.Shell.Agent.bi HEUR:Trojan-Downloader.Shell.Agent.p

Threat name: Linux.Trojan.Vigorf
Status: Malicious
First seen: 2025-09-27 10:53:01 UTC
File Type: Text (Shell)
AV detection: 10 of 24 (41.67%)
Threat level: 5/5

Result
Malware family: n/a
Score: 9/10
Tags: credential_access defense_evasion discovery execution linux persistence privilege_escalation
Behaviour:
Reads runtime system information
System Network Configuration Discovery
Writes file to tmp directory
Changes its process name
Reads process memory
Creates/modifies Cron job
Enumerates running processes
Modifies init.d
Modifies rc script
File and Directory Permissions Modification
Executes dropped EXE
Contacts a large (170779) amount of remote hosts
Creates a large amount of network flows

Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Sample: sh 86a2672afe9d6fdf22e77338945eb7f7885eedc80569afce02bc0c8a718cd6c9 (this sample)
Signature: Mirai
Delivery method: Distributed via web download

Comments