MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8cac81988368d5643318bd6abb1e418b05033f27840570fe3f32a197ef5bae09. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 8cac81988368d5643318bd6abb1e418b05033f27840570fe3f32a197ef5bae09
SHA3-384 hash: 07f3347f83a9b1b6f45dedf6ddeaf35d29f32c4d6b9a4009f838afc6a4dff881e5ff1ffe062d17a0ee558e319c3fd784
SHA1 hash: e31f496de706ea839b7e952c4f01df1e8c345de1
MD5 hash: 79f0dc259d344a4c98e181d642bdc667
humanhash: india-moon-bakerloo-cola
File name:telnet.sh
Download: download sample
Signature Mirai
Create hunting rule
File size:1'778 bytes
First seen:2025-08-14 06:53:15 UTC
Last seen:Never
File type: sh
MIME type:text/x-shellscript
ssdeep 48:jcDun4ZdkbMHfcf/TanuHUPrswmgZVMD929NQJ:6EgJe4E
TLSH T17B3187CDF3A1DED1C642CE61B871C3C4A3ADD6CA2692CB71F4CA1C29984DA80BC75716
Magika shell
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://87.248.150.68:83/x86_64ba94cc3a52c4c22fd41d6560e76de38c9f4dc23556d08324e3a36636b207a83c Miraielf mirai ua-wget
http://87.248.150.68:83/aarch64eca06d83a2394126e886631634305ab4a5b4525c6fc62271c5574ea8b7208837 Miraielf mirai ua-wget
http://87.248.150.68:83/m68kc549ee8f3adcebf73cb210176052aab4cd89eb4cd935688dff2c01b03ed7d554 Miraielf mirai ua-wget
http://87.248.150.68:83/mips4c31553e32259787287f685cf90b661a41c6fca534cd2d3df2d8cbdfce98a7b2 Miraielf geofenced mips mirai ua-wget USA
http://87.248.150.68:83/mipsel55a408bf4c1a1602404b7a14dc391da30c3ab5e3263f816ffa700a7e12ac5f6a Miraielf geofenced mips mirai ua-wget USA
http://87.248.150.68:83/powerpc5f213d7a0b57184eab74100cf4696ad2cd9a96ca42a94f3d926654534f44ef78 Miraielf mirai ua-wget
http://87.248.150.68:83/sparca269ab4064e830d26775745e24c7bd1f365977ce7e6a4db5b6fa08955afc9a1c Miraielf mirai ua-wget
http://87.248.150.68:83/sh4a9464ea2abb53e2a67eb7c49daa39628909ba8e1d9134c245e29ad2fa81ed2ab Miraielf mirai ua-wget
http://87.248.150.68:83/arcb02922859b7879b3e17d89e0913dd525ceb241ec0601e89e015c35b7d1fd9ef4 Miraielf mirai ua-wget
http://87.248.150.68:83/i486a366d17645f3fbe651c3c14ec83b0027897a46cd5dc7ec24c62a0addf92b08c5 Miraielf mirai ua-wget
http://87.248.150.68:83/armv4ld49cd2aae04c2cdea6a236a1cda14a35107b69b4f767b65cd9349d7fa3bb4c8b Miraielf mirai ua-wget
http://87.248.150.68:83/armv5lfbf3fdd467d0d6f1ed08999e9bf419fb7a6bf20e160c891da9335f7f5b224a8c Miraielf mirai ua-wget
http://87.248.150.68:83/armv6l8db7282427298887b5b1d55f5d032d91531e969d2d0b484477f42153bd5c72f6 Miraielf mirai ua-wget
http://87.248.150.68:83/armv7l0ecda603c0897934aba4639459793e423d4f75f6af466f71327f72142a0ab8d4 Miraielf mirai ua-wget

Intelligence

File Origin
# of uploads :
1
# of downloads :
30
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Linux.DownLoader.683.3251.22258.UNOFFICIAL
Create hunting rule

Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/8cac81988368d5643318bd6abb1e418b05033f27840570fe3f32a197ef5bae09
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/8cac81988368d5643318bd6abb1e418b05033f27840570fe3f32a197ef5bae09/
Verdict:
Malicious
Threat:
HEUR:Trojan-Downloader.Shell.Agent
Link:
https://tip.neiki.dev/file/8cac81988368d5643318bd6abb1e418b05033f27840570fe3f32a197ef5bae09
Threat name:
Document-HTML.Trojan.Vigorf
Create hunting rule
Status:
Malicious
First seen:
2025-08-14 06:53:35 UTC
File Type:
Text (Shell)
AV detection:
15 of 38 (39.47%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=rswidgedndkwimyyxvvlwhsbrmcqgpzhqqcxb7r7gkqzp323vyeq._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
linux
Link:
https://tria.ge/reports/250814-hnx79sz1cv/
Behaviour
Writes file to tmp directory
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Suspicious File
Score:
0.34
Link:
https://yomi.yoroi.company/submissions/8cac81988368d5643318bd6abb1e418b05033f27840570fe3f32a197ef5bae09

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh 8cac81988368d5643318bd6abb1e418b05033f27840570fe3f32a197ef5bae09

(this sample)

Mirai

elf ba94cc3a52c4c22fd41d6560e76de38c9f4dc23556d08324e3a36636b207a83c

  
URLhaus
https://urlhaus.abuse.ch/url/3602395/
  
Delivery method
Distributed via web download
  
Dropping
MD5 ea0334234022f7ebc1940c5cdb4a6d92
  
Dropping
SHA256 ba94cc3a52c4c22fd41d6560e76de38c9f4dc23556d08324e3a36636b207a83c
  
URLhaus
https://urlhaus.abuse.ch/url/3603026/
  
URLhaus
https://urlhaus.abuse.ch/url/3603028/

Comments