MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 acf7fb22973763a6d6544ecb2599f2a3d23537ed80f89495b2950d9c14c1df24. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: acf7fb22973763a6d6544ecb2599f2a3d23537ed80f89495b2950d9c14c1df24
SHA3-384 hash: 2db2da8782cbf50cc7d8a7918d95e6243bd85fbb5c715b5316d1ae90ebb9b85add4610ae55edcb9238950277b18ee24a
SHA1 hash: 4e20463cbcd59c09cece5335cbb04ad451ccba48
MD5 hash: c0aa4a3330ec71a61107ef9633b0b07e
humanhash: uniform-vegan-fillet-neptune
File name:c
Download: download sample
Signature Mirai
Create hunting rule
File size:534 bytes
First seen:2025-11-28 18:01:20 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 12:B8h8kQ8i8WNhZ18F4ZX8F48FF8FiVS8Fnj8FH0LKN:BStQdnNhZ1mUXm4mFmi4mjmSKN
TLSH T1ACF068E933A0526686C9CF13E2616A34770B9FCDE8940FCC55CF28754A588007029E47
Magika txt
Reporter abuse_ch
Tags:mirai sh
URLMalware sample (SHA256 hash)SignatureTags
http://103.146.23.141/mips8940a2d83740ea74154a6ede90488eb87e10ca22f092597e9c27f00ae380f8cb Miraielf geofenced mips mirai ua-wget USA
http://103.146.23.141/mpsl5add3655c138947e54f6e93f583e7704a9a33ea87a1c76eb5322358d9d6d992e Miraielf geofenced mips mirai ua-wget USA
http://103.146.23.141/armfe97cfdc07d40ad61d688edb30b6d7fdb500c0d6db85f7d1f9e639173922f4ab Miraiarm elf geofenced mirai ua-wget USA
http://103.146.23.141/arm55b94659fba807f800bca96cbf40d6be1da4306e21b0f6f2579c41f70585690e9 Miraiarm elf geofenced mirai ua-wget USA
http://103.146.23.141/arm721c9e1189e8447ddb5e233401d47ac4be0321d988e081a75a074d4414cf1a5a8 Miraiarm elf geofenced mirai ua-wget USA

Intelligence

File Origin
# of uploads :
1
# of downloads :
24
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Malicious
Labled as:
TrojanDownloader/Linux.Agent
Link:
https://www.hybrid-analysis.com/sample/acf7fb22973763a6d6544ecb2599f2a3d23537ed80f89495b2950d9c14c1df24
Verdict:
Malicious
File Type:
text
First seen:
2025-11-28T15:15:00Z UTC
Last seen:
2025-11-29T03:08:00Z UTC
Hits:
~10
Detections:
HEUR:Trojan-Downloader.Shell.Agent.a HEUR:Trojan-Downloader.Shell.Agent.p
Link:
https://opentip.kaspersky.com/acf7fb22973763a6d6544ecb2599f2a3d23537ed80f89495b2950d9c14c1df24/results?tab=lookup
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/acf7fb22973763a6d6544ecb2599f2a3d23537ed80f89495b2950d9c14c1df24
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/acf7fb22973763a6d6544ecb2599f2a3d23537ed80f89495b2950d9c14c1df24/
Verdict:
Malicious
Threat:
Trojan-Downloader.Shell.Agent
Link:
https://tip.neiki.dev/file/acf7fb22973763a6d6544ecb2599f2a3d23537ed80f89495b2950d9c14c1df24
Threat name:
Linux.Worm.Mirai
Create hunting rule
Status:
Malicious
First seen:
2025-11-28 17:43:05 UTC
File Type:
Text (Shell)
AV detection:
11 of 36 (30.56%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=vt37wiuxg5r2nvsuj3fslgpsupjdkn7nqd4jjfnssugzyfgb34sa._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/acf7fb22973763a6d6544ecb2599f2a3d23537ed80f89495b2950d9c14c1df24

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh acf7fb22973763a6d6544ecb2599f2a3d23537ed80f89495b2950d9c14c1df24

(this sample)

Mirai

elf 8940a2d83740ea74154a6ede90488eb87e10ca22f092597e9c27f00ae380f8cb

  
URLhaus
https://urlhaus.abuse.ch/url/3718762/
  
Delivery method
Distributed via web download
  
Dropping
MD5 526fae8371c976de947c8cbe86c7a0e7
  
Dropping
SHA256 8940a2d83740ea74154a6ede90488eb87e10ca22f092597e9c27f00ae380f8cb

Comments