MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 9ca881abd3c11368e381b8a9f6d32ef14e022058ce936922afb82164c17f3310. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 8



SHA256 hash: 9ca881abd3c11368e381b8a9f6d32ef14e022058ce936922afb82164c17f3310
SHA3-384 hash: 44ffa19af2a6e746589076ac0a13ef52150b96bbaa27f9335e03c02449dbab54a51065e6db85e2d2c76a2e8fbcde68ab
SHA1 hash: 01de119c65301788bd65c921f5788232a48dde54
MD5 hash: 3d1546c8a96036b426df4ea07cb70cef
humanhash: lemon-michigan-carpet-south
File name: lol.sh
Signature: Mirai
File size: 5'666 bytes
First seen: 2026-04-01 08:42:29 UTC
Last seen: Never
File type: sh
MIME type: text/x-shellscript
ssdeep: 96:rhEVud2FvoGKP2p+xFt3zGJE/c3Fo8r7liJOpKdJ:uVud2Kp
TLSH: T130C162821145CF33BE08ED1679A55D0830D06AF1D896FF0AD8FA5592FA5DEC8A902E73
TrID: 50.0% (.SH) Linux/UNIX shell script (7000/1)
      28.5% (.PL) Perl script (4000/1/1)
      21.4% (.) Unix-like shebang (var.3) (gen) (3000/1)
Magika: shell
Reporter: abuse_ch
Tags: mirai sh
URL | Malware sample (SHA256 hash) | Signature | Tags
http://142.248.80.144/lemperluvkurayami/kurayami.x86 | ea61e090f64b28c641b4d7c1fd771082eaf91bec933242589e48f525cebb3da6 | Mirai | mirai
http://142.248.80.144/lemperluvkurayami/kurayami.mips | a65211cd909a1bf9ad9c528f9e49915dda62eb23d104d5f56772cedfefc9656e | Mirai | mirai
http://142.248.80.144/lemperluvkurayami/kurayami.arc | 1c912c5fb80edc312de11238b21d63f75fdf8e8221926a53dbe99d02a454815a | Mirai | mirai
http://142.248.80.144/lemperluvkurayami/kurayami.i468 | n/a | n/a | ua-wget
http://142.248.80.144/lemperluvkurayami/kurayami.i686 | 9ab5896db88a6279a4c0e3060e0061d8357d2077ebb1115f9449d1eb3db40b80 | Mirai | mirai
http://142.248.80.144/lemperluvkurayami/kurayami.x86_64 | 793ed95eb6ef4d880d85e5aaf46a415949a1894a1f1022aa11e9d8923e8b1b84 | Mirai | mirai
http://142.248.80.144/lemperluvkurayami/kurayami.mpsl | f12da0de01043970050d584da976e34c8b4b8d32739a385c68ba1f5522ea99df | Mirai | mirai
http://142.248.80.144/lemperluvkurayami/kurayami.arm | 1c580da3046e1cd892f51f3af3c327fa4c5c19435574f8e6277c4173bfa18ad4 | Mirai | mirai
http://142.248.80.144/lemperluvkurayami/kurayami.arm5 | 5c067ef70261e6ea744eb8bcedf95e8c52ad89ab1a1f0155e349b05207385da7 | Mirai | mirai
http://142.248.80.144/lemperluvkurayami/kurayami.arm6 | 1ee1b7c114e3eca3597b10815417d933281dea5a05af2ca23c3445205839e446 | Mirai | mirai
http://142.248.80.144/lemperluvkurayami/kurayami.arm7 | 38b1260b84d6080157ddc1a5b04727b81383cda5a90b02e1902bf59a0511114a | Mirai | mirai
http://142.248.80.144/lemperluvkurayami/kurayami.ppc | b4c161f183d40a4e9908901e3519f2100a2cf14c19bbd5344ee8de5720f5790b | Mirai | mirai
http://142.248.80.144/lemperluvkurayami/kurayami.spc | n/a | n/a | ua-wget
http://142.248.80.144/lemperluvkurayami/kurayami.m68k | c707b0e45191524a58acd5b82c5d7c87b9d2a1a2b52f3d29bbd41559863b9c2e | Mirai | mirai
http://142.248.80.144/lemperluvkurayami/kurayami.sh4 | 1d57ee028e58364660d400a755b67058b2a211b43c62dbfe16f1b316104f0e31 | Mirai | mirai
http://142.248.80.144/lemperluvkurayami/kurayami.arm64 | 989a4868eb390b4a1d97cf77bd810ca843ea7fdae3eef115a1ffcade96c5033f | Mirai | mirai

Intelligence


File Origin
# of uploads: 1
# of downloads: 76
Origin country: DE
Vendor Threat Intelligence
Verdict: Malicious
File Type: unix shell
First seen: 2026-04-01T03:49:00Z UTC
Last seen: 2026-04-03T01:47:00Z UTC
Hits: ~10
Detections: HEUR:Trojan-Downloader.Shell.Agent.gen, HEUR:Trojan-Downloader.Shell.Agent.a, HEUR:Trojan-Downloader.Shell.Agent.p
Status: terminated
Behavior Graph: (graph rendering not reproduced; the recoverable node and edge labels are summarised below)
  /usr/bin/sudo (pid 3684) -> execve -> /tmp/sample.bin (pid 3692)
  /tmp/sample.bin (pid 3692) repeatedly executes /usr/bin/cp, /usr/bin/chmod, /usr/bin/wget, /usr/bin/curl, /usr/bin/bash (clone) and /usr/bin/rm; wget and curl nodes are tagged net, send-data, write-file; rm nodes are tagged delete-file
  Dropped binaries executed by pid 3692: /tmp/kurayami.x86 (net), /tmp/kurayami.i686 (net), /tmp/kurayami.x86_64 (mprotect-exec, net); each clones further children tagged net, send-data, zombie
  Network endpoints: 142.248.80.144:80 (wget/curl processes, 108-162 B sent per request), 8.8.8.8:53 (connections from the dropped binaries), 142.248.80.144:6934 (children of the dropped binaries, 18-22 B sent each)
Threat name: Linux.Trojan.Vigorf
Status: Malicious
First seen: 2026-04-01 08:43:18 UTC
File Type: Text (Shell)
AV detection: 8 of 24 (33.33%)
Threat level: 5/5
Result
Malware family:
Score: 10/10
Tags: family:mirai antivm botnet defense_evasion discovery linux upx
Behaviour
Reads runtime system information
System Network Configuration Discovery
Writes file to tmp directory
Checks CPU configuration
UPX packed file
Enumerates running processes
Writes file to system bin folder
File and Directory Permissions Modification
Executes dropped EXE
Modifies Watchdog functionality
Mirai
Mirai family
Please note that we are no longer able to provide a coverage score for Virus Total.

YARA Signatures


MalwareBazaar uses YARA rules from several public and non-public repositories, such as YARAhub and Malpedia. Those are being matched against malware samples uploaded to MalwareBazaar as well as against any suspicious process dumps they may create. Please note that only results from TLP:CLEAR rules are being displayed.

Rule name: Linux_Shellscript_Downloader
Author: albertzsigovits
Description: Generic Approach to Shellscript downloaders

Rule name: MAL_Linux_IoT_MultiArch_BotnetLoader_Generic
Author: Anish Bogati
Description: Technique-based detection of IoT/Linux botnet loader shell scripts downloading binaries from numeric IPs, chmodding, and executing multi-architecture payloads
Reference: MalwareBazaar sample lilin.sh

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download
  Mirai
  sh 9ca881abd3c11368e381b8a9f6d32ef14e022058ce936922afb82164c17f3310 (this sample)

Delivery method: Distributed via web download

Comments